[Asterisk-Security] Opportunistic encryption

Duane duane at e164.org
Fri Jul 21 20:29:25 MST 2006


Enzo Michelangeli wrote:

> Yes, but SMTP-TLS can use unauthenticated ephemeral DH, which was precisely
> what I suggested. This leaves the door open to adding certificates for
> particular peers, if/when available.

I guess the only question is how much time/effort/encouragement would it 
take to modify the SRTP trunk to support this.

> I don't dispute that (see above), I just say that anybody can get a
> certificate from Verisign or any other CA, and still silently eavesdrop
> calls. The situation is fundamentally different from the use of X.509-based
> server authentication in HTTPS for, e.g., ecommerce: there the end user
> behind the browser is responsible for deciding whether or not he can trust
> the bank or merchant that runs the server; the CA, as trusted third party,
> just vouches for the _identity_ of the latter, not its trustworthiness. If
> we want to extend this model to VoIP, we need SIP clients able to display
> the equivalent of the clickable yellow padlock to reveal the identity of 
> the
> party that has authority over the machine where the secure hop ends. Then,
> the user will make up his mind about the security of the whole path, which
> may be longer than that hop.

This is actually quite possible something like a physical device will 
appear on the desk next to computers in the near future, considering 
people are starting to investigate ways of better protecting browser 
transactions as the new wave of trojans won't care about capturing 
authentication information, they will attack browsers at the plugin 
level and simply change data after the user hits the submit button.

http://www2.futureware.at/svn/sourcerer/CAcert/SecureClient.pdf

> Anyway, this approach is totally different from ZGP's, where the 
> security is
> strictly end-to-end and the authentication is biometric.

But biometrics is far from perfect, it just hasn't been around long 
enough to be as broken as some other systems, this is purely because we 
leave our biometric "passwords" all over the place, from DNA, 
fingerprints, iris and even voices (security cameras have mics too!)...

http://www.zdnetasia.com/toolkits/0,39047352,39376855-39094240p,00.htm

-- 

Best regards,
  Duane

http://www.cacert.org - Free Security Certificates
http://www.nodedb.com - Think globally, network locally
http://www.sydneywireless.com - Telecommunications Freedom
http://e164.org - Because e164.arpa is a tax on VoIP

"In the long run the pessimist may be proved right,
     but the optimist has a better time on the trip."


More information about the Asterisk-Security mailing list