[Asterisk-Dev] iax2 encryption
Steve Kann
stevek at stevek.com
Wed Dec 29 17:38:38 MST 2004
Mark Spencer wrote:
> I've just added some basically operational IAX2 encryption, more for a
> talking point than anything else. It seems to work okay but I'd like
> to get some feedback. A few things in particular:
>
> * Don't have a good initial vector, needs to be added...
>
> * Native bridge functionality needs to be there
>
> * Trunk frames not encrypted
>
> Nothing about the iax2 encryption is fixed in stone by any means. I
> intentionally did not add any documentation of the commands to enable
> it ("encryption=yes") nor do I consider the protocol to be in any way
> fixed, everything is still on the table. I just wanted to make
> something that would do *something*.
>
> Anyway feel free to comment.

Hmm, maybe you'll get more comments than I've gotten on all the audio
quality stuff I'm working on :)

My first comment is that except for taking the IEs I have in my code for
RRs, it doesn't look like it will break anything :)

My second comment is to ask if it would be possible or difficult to
ensure integrity as well as confidentiality. It would seem worthwhile to
prevent users from forging packets to send to the IAX2 port which will
foobar the whole system.

Other than that, I'll need to look at things a bit more closely, but I
already commented a bunch in the bugtracker (and here?) previously. Off
the top of my head, I remember that some important things were rotating
keys (otherwise, plaintext attacks are easy), and some care needing to
be taken when transferring, such that the new endpoint doesn't get the
same key that had been used previously (which would then allow it to
decrypt the previous leg of the call).

-SteveK
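
The three properties raised in the reply above (integrity alongside confidentiality, key rotation, and a distinct key per call leg on transfer), as an added Go example that is not part of the original post, not Asterisk code and not the IAX2 wire format. Assumptions: AES-128-GCM is the cipher chosen here, the label format in legKey and the two header bytes are hypothetical, and the master secret is constructed and stays on the bridging server, which hands each endpoint only its own leg key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// legKey derives a 128-bit key for one call leg and key epoch. The label
// format is hypothetical; the master secret never leaves the server.
func legKey(master []byte, leg string, epoch uint32) []byte {
	m := hmac.New(sha256.New, master)
	fmt.Fprintf(m, "%s/epoch-%d", leg, epoch)
	return m.Sum(nil)[:16]
}

// aead builds AES-128-GCM and the 12-byte nonce for frame counter seq.
// A counter value must never repeat under the same key.
func aead(key []byte, seq uint64) (cipher.AEAD, []byte) {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	g, _ := cipher.NewGCM(block) // only fails if the block size is not 16 bytes
	nonce := make([]byte, g.NonceSize())
	binary.BigEndian.PutUint64(nonce[4:], seq)
	return g, nonce
}

// Seal encrypts payload and authenticates it together with the clear header.
func Seal(key, hdr, payload []byte, seq uint64) []byte {
	g, nonce := aead(key, seq)
	return g.Seal(nil, nonce, payload, hdr)
}

// Open fails if the key, counter, header or ciphertext was altered.
func Open(key, hdr, frame []byte, seq uint64) ([]byte, error) {
	g, nonce := aead(key, seq)
	return g.Open(nil, nonce, frame, hdr)
}

func main() {
	k := legKey([]byte("constructed master secret"), "leg-A", 0)
	f := Seal(k, []byte{0x80, 0x01}, []byte("voice"), 1)
	fmt.Println(Open(k, []byte{0x80, 0x02}, f, 1)) // forged header: error
}
```

Rotating keys means raising the epoch before the frame counter can wrap, and a transfer target is given only the key for the new leg, so frames captured on the earlier leg stay unreadable to it.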