[Asterisk-Security] Opportunistic encryption

Enzo Michelangeli enzomich at gmail.com
Mon Jul 24 00:35:14 MST 2006


----- Original Message ----- 
From: "Duane" <duane at e164.org>
Sent: Monday, July 24, 2006 1:40 PM

> Duane wrote:
[...]
> Hmmm should have read a little further, there is a GPL lib, if this can
> be used in asterisk or not (more political than technical I'm guessing)

www.minisip.org says that Minisip's _libraries_ (among which, I suppose,
libmikey) are LGPL'd, not GPL'd, which should be acceptable to Digium: no
GPL "infection" would propagate to the rest of Asterisk's dual-licensed
code.

> and use a DH key exchange would get us to the point of opportunistic
> encryption, pre-shared secrets and PKI without needing TCP SIP support
> as far as I can tell...
>
> http://www.minisip.org/develop_build.html#libmikey

Yes, MIKEY would be fine, but if I read section 3.3 of RFC 3830
(http://www.faqs.org/rfcs/rfc3830.html ) correctly, D-H is only supported if
authenticated by the signing certificate in the name of initiator and responder
(see the use of SIGNi and SIGNr, and their formal definition in section
5.2). Now, I'm not arguing here that PKI is evil, but for opportunistic
encryption we should also allow unauthenticated (anonymous) D-H key
exchange. That's why in one of my previous messages I suggested supporting
the proposed HMAC-authenticated flavour of MIKEY described at
http://www.ietf.org/internet-drafts/draft-ietf-msec-mikey-dhhmac-11.txt : it
may easily be made anonymous by using a null/zero/well-known shared secret,
and for non-anonymous transactions it may leverage the shared SIP secret as
key for the HMAC...

Cheers --

Enzo
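
An added example, not part of the original message and not code from MIKEY, libmikey or Asterisk: a D-H exchange whose values are protected by an HMAC, showing what the receiver's check accepts when the key is the shared SIP secret versus a well-known all-zero key. The toy group, the simplified message layout, the choice of HMAC-SHA-1, the function names and both sample secrets are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Toy DH group (assumption, illustration only): 2**127 - 1 is prime but far too
# small for real use; a deployment would use a large standardized group.
P, G = 2**127 - 1, 3
WELL_KNOWN_KEY = b"\x00" * 20             # constructed all-zero key (anonymous mode)
SIP_SECRET = b"constructed-sip-password"  # constructed sample shared secret

def dh_keypair():
    """Return (private exponent, public value g^x mod p)."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def build_message(identity, dh_public, auth_key):
    """Simplified layout (not the MIKEY wire format): identity + DH value, plus HMAC."""
    body = identity + dh_public.to_bytes(16, "big")
    return body, hmac.new(auth_key, body, hashlib.sha1).digest()

def verify_message(body, tag, auth_key):
    """Return the peer's DH public value, or None if the HMAC does not verify."""
    expected = hmac.new(auth_key, body, hashlib.sha1).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return int.from_bytes(body[-16:], "big")

def key_agreement(auth_key):
    """Run both directions under one HMAC key; return the two derived secrets."""
    xi, pub_i = dh_keypair()
    xr, pub_r = dh_keypair()
    seen_by_r = verify_message(*build_message(b"initiator", pub_i, auth_key), auth_key)
    seen_by_i = verify_message(*build_message(b"responder", pub_r, auth_key), auth_key)
    return pow(seen_by_r, xr, P), pow(seen_by_i, xi, P)

def accepts_value_from(receiver_key, sender_key):
    """Does a receiver keyed with receiver_key accept a DH value MACed with sender_key?"""
    _, pub = dh_keypair()
    body, tag = build_message(b"initiator", pub, sender_key)
    return verify_message(body, tag, receiver_key) is not None
```

With the well-known key the exchange still yields a shared secret, but the HMAC verifies for any sender, so that mode protects only against passive eavesdropping and gives no assurance about who the peer is.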


