[asterisk-dev] VoIP Encryption
John Todd
jtodd at loligo.com
Sat Mar 11 22:46:29 MST 2006
>Hi all,
>
>Does anyone know any open source or tools to encrypt the VoIP
>packets (Singnaling/RTP)? Becuase some ISPs they are interpting the
>Voice packets. so i we will use the encryption it will be very hard
>for him to know the packets.
>
>Already i tried with openVPN but the quality is still bad and the
>ISP interption is there.
>
>I will be appricaite if anyone can tell me the tools or library to
>encrypt the packets.
>
>Thank You
I think that the discussion of IPSEC and various higher-layer VPN
solutions is probably overkill for VoIP, in both complexity and in
purpose. I am a firm believer in applications-layer security. VPNs
are primarily used as a hack when the underlying protocols are
insufficient to provide adequate protection for the transported data.
There are existing implementations of SRTP for SIP RTP with Asterisk
(http://bugs.digium.com/view.php?id=5413) though the key exchange is
still in the open as Asterisk does not support TCP/TLS/SMIME of any
type for the SIP signalling. Testers are welcome.
The IAX(2) implementations of encryption should be more widely
publicized. I will admit I got it working a while back, but have not
implemented it everywhere because I don't have the time or
inclination to get complex, undocumented, or fragile crypto working
because it becomes more of a burden than the benefits it brings.
Hopefully there can be a "README.crypto" file written some time...
(yes, maybe I'll do it, but add it to the pile which might get looked
at sometime in 2008.)
JT
More information about the asterisk-dev
mailing list