[Asterisk-Users] Re: Voice Encryption

Thu Sep 29 11:06:49 MST 2005

I went over the code. AES128 is the only algorithm that is suppored today.
More importantly there are some concerns on the vulnerability as discussed
in
http://lists.digium.com/pipermail/asterisk-security/2005-August/000060.html.
People are using UDP VPNs to satisfy customer requirements.
http://lists.digium.com/pipermail/asterisk-users/2005-August/120293.html

Thanks

-Scott

------------------------------

Message: 6
Date: Wed, 28 Sep 2005 19:09:17 -0500
From: Andy Hamilton <ciscophonefreak at gmail.com>
Subject: Re: [Asterisk-Users] Re: Voice Encryption
To: Asterisk Users Mailing List - Non-Commercial Discussion
<asterisk-users at lists.digium.com>
Message-ID: <6d720d7f0509281709354ff0c8 at mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1

> Does Asterisk support encryption of voice traffic? I found following wiki
> that describes IAX RSA authentication. I was able to implement the
> public/private key authentication among three Asterisk servers connected
> using IAX protocol. I am not certain if voice traffic can also be
encrypted
> among the Asterisk servers. Your help is highly appreciated.

There has been a little discussion of this topic on the
asterisk-security list somewhat recently.
You may want to look at the message archive from August (
http://lists.digium.com/pipermail/asterisk-security/2005-August/thread.html
) as well as the one from September.

Hope this offers a little help; as someone mentioned, not much
documentation is out there.
>From the August thread:

>Basically it's an automatic features (CVS-HEAD only, btw) where anytime
>a pair of IAX peers have encryption set to "yes" (or, as I understand
>it, a mutually-agreed-upon and supported algorithm) then it just happens
>automagically.
(Brian Capouch)

-a
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20050929/06b6ffe9/attachment.htm