[Asterisk-Users] Encryption

Steve Underwood steveu at coppice.org
Thu Dec 25 04:32:43 MST 2003


Steven Critchfield wrote:

>On Wed, 2003-12-24 at 19:11, Mahoney, Matt wrote:
>  
>
>>Hi,
>>
>> 
>>Does asterisk support any kind of voice encryption?
>>    
>>
>
>Not right now. As I understand it, it is a problem with the fact that
>each packet would have to be able to be decrypted even if packets in the
>stream are lost. In the long run it is going to be a question of how
>secure do you need it to be. Afaik, the good encryption methods are
>stream based, and the loss of packets would kill the decryption. 
>
>Add to that the problem of finding some encryption method that can deal
>with small packets without adding a lot of overhead. Each voice packet
>in IAX with GSM compression isn't very long. The voice data is only 33
>bytes. 
>  
>
The need to tolerate packet losss means a continuous stream cypher can't 
be used. That reduces the quality of the ciphering, but it can still be 
pretty good. You know the packet sequence number (at least with RTP you 
do), so some forms of sequentially changing encryption can still be 
used. SRTP has been through the process of trying to deal with this in 
the most effective manner, but doesn't seem to be widely used right now. 
Free implementations exists - see srtp.sourceforge.net. I guess it 
should be adaptable to IAX.

Regards,
Steve





More information about the asterisk-users mailing list