[Asterisk-Users] Grandstream, SIP encryption
John Todd
jtodd at loligo.com
Tue Aug 19 01:36:09 MST 2003
At 8:09 AM +0000 8/19/03, WipeOut . wrote:
>
>I have been following this thread ad decided to add my thoughts.. :)
>
>While the thought of encryption always seems like a nice idea the
>reality is usually far from satisfactory.. The increased processing
>power requirements, far larger latency and encryption
>standardisation and interoperability will all prove to be major
>headaches..
>
>As far as I see it if you have ever talked about confidential stuff
>on a cordless phone or a cell phone you should have no problem using
>a SIP phone over the LAN or even the internet.. Even a landline
>phone is easy to tap if you really wanted to..
>
>If the nature of the information is such that it requires a secure
>transport method then you probably shouldn't be talking about it
>over the phone anyway.. irrispective of the phone technology being
>used..
>
>later..
>--
I am hoping that with sufficiently advanced encryption, this
statement becomes as quaint as the concept of: "If you want secure
communications with your computers, you need to be sitting in front
of them." That concept went away with the advent of SSH; let's see
if we can do the same thing with telephony. Nothing is ever truly,
100% secure... but that fact is no excuse to have an absence of
reasonable security.
I suspect that reasonable security on an RTP channel can be achieved
with the same processor overhead that is incurred by G.729 or other
complex encoding. Granted, use of custom chips in some cases for
encoding doesn't make that a useful comparison, but we certainly
don't have that situation with our commodity hardware Asterisk
servers, do we? And that's half the equation. Even if the steps
towards secure RTP/SIP/whatever are made 100% in software, that is
what drives the hardware people into making changes. Anyone at Xten
want to wrestle with this? :-)
JT
More information about the asterisk-users
mailing list