[Asterisk-Dev] iax2 encryption

Steve Kann stevek at stevek.com
Wed Dec 29 17:38:38 MST 2004


Mark Spencer wrote:

> I've just added some basically operational IAX2 encryption, more for a 
> talking point than anything else. It seems to work okay but I'd like 
> to get some feedback. A few things in particular:
>
> * Don't have a good initial vector, needs to be added...
>
> * Native bridge functionality needs to be there
>
> * Trunk frames not encrypted
>
> Nothing about the iax2 encryption is fixed in stone by any means. I 
> intentionally did not add any documentation of the commands to enable 
> it ("encryption=yes") nor do I consider the protocol to be in any way 
> fixed, everything is still on the table. I just wanted to make 
> something that would do *something*.
>
> Anyway feel free to comment.

Hmm, maybe you'll get more comments than I've gotten on all the audio 
quality stuff I'm working on :)

My first comment is that except for taking the IEs I have in my code for 
RRs, it doesn't look like it will break anything :)

My second comment is to ask if it would be possible or difficult to 
ensure integrity as well as confidentiality. It would seem worthwhile to 
prevent users from forging packets to send to the IAX2 port which will 
foobar the whole system.

Other than that, I'll need to look at things a bit more closely, but I 
already commented a bunch in the bugtracker (and here?) previously. Off
the top of my head, I remember that some important things were rotating 
keys (otherwise, plaintext attacks are easy), and some care needing to 
be taken when transferring, such that the new endpoint doesn't get the 
same key that had been used previously (which would then allow it to 
decrypt the previous leg of the call).

-SteveK
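
The integrity and key-separation points raised in the message above, as an added sketch that is not part of the original post and is not Asterisk or IAX2 code: each frame carries a sequence number and an HMAC tag, and the key is derived per call leg and per rotation epoch, so a transfer target or a post-rotation key cannot validate frames from the earlier leg. The frame layout, labels, tag length and all function names are assumptions made for illustration; it covers authentication only, and the same derived-key separation would apply to an encryption key.

```python
import hashlib
import hmac
import struct

TAG_LEN = 16  # truncated HMAC-SHA256 tag length (assumption for this sketch)


def derive_key(call_secret: bytes, leg: bytes, epoch: int) -> bytes:
    """Derive an independent key per call leg and rotation epoch.

    HMAC is used as a PRF, so holding the key for one (leg, epoch)
    reveals neither call_secret nor the key of any other leg or epoch.
    """
    info = b"frame-auth|" + leg + b"|" + struct.pack("!I", epoch)
    return hmac.new(call_secret, info, hashlib.sha256).digest()


def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Prefix a sequence number and append a tag over header + payload."""
    header = struct.pack("!I", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag


def open_frame(key: bytes, frame: bytes, last_seq: int):
    """Return (seq, payload), or None if forged, altered or replayed."""
    if len(frame) < 4 + TAG_LEN:
        return None
    body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    seq = struct.unpack("!I", body[:4])[0]
    if seq <= last_seq:  # reject replays of frames already accepted
        return None
    return seq, body[4:]


def demo() -> dict:
    secret = b"constructed-call-secret-for-demo"  # constructed sample value
    leg_a = derive_key(secret, b"leg-A", 0)
    leg_b = derive_key(secret, b"leg-B", 0)    # only this goes to a transfer target
    rotated = derive_key(secret, b"leg-A", 1)  # same leg after one rotation
    frame = seal(leg_a, 1, b"voice-payload")   # constructed payload
    tampered = frame[:5] + bytes([frame[5] ^ 1]) + frame[6:]
    return {
        "valid": open_frame(leg_a, frame, 0),
        "tampered": open_frame(leg_a, tampered, 0),
        "replayed": open_frame(leg_a, frame, 1),
        "other_leg": open_frame(leg_b, frame, 0),
        "after_rotation": open_frame(rotated, frame, 0),
    }
```

Only the party holding `call_secret` derives keys; endpoints receive the derived key for their own leg and epoch.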



