[Asterisk-Users] IAX/IAX2 encryption?

Brian D Heaton bdheaton at c4i2.com
Mon Nov 10 19:05:44 MST 2003


On Mon, 2003-11-10 at 20:25, Chris Albertson wrote:
> The below is all correct.  In fact the US DoD has very restrictive
> and conservative rules about how some types of data are handled.
> Basically if it leaves a trusted area it will go through a hardware
> crypto box.
> Some of the rules are to ensure that data are protected even if
> the hardware is badly misconfigured or broken.  It has to be that
> way when you are literally betting someone's life that there can be
> no possibility of error.  So yes, between servers use some kind of
> trusted, well-debugged crypto system.
> 
Agreed 100%.  The same applies for business where data is their most
valuable commodity.  My comments only pertained to IAX/IAX2 trunking
connections between servers.  As I pointed out, the client case is very
different. 


> But there are reasons why you might want encryption built into
> IAX(2)
> 
> 1) For clients.  Someone may want to "call home" using a
> notebook computer and it would be far simpler if you didn't have to
> set up a VPN
> 
> 2) A user may not have control over the network.  For example,
> I may want to run an IAX client on a computer where I do not
> have root access.
> 
> 3) dumb users.  Many people don't know what a VPN is but could
> (maybe) install a zip'd IAX client or at least be able to find the
> local "computer expert" who knows how to un-zip a zip file.
> 
I agree that for all the cases above some type of crypto in the client
is needed.  I recall seeing something about SRTP -
http://sourceforge.net/projects/srtp/ - on the list when I was reading
through the archives.  It doesn't look like it has had a release in
quite a while though.

There are very good reasons to build it into the client -> *
connection.  I just don't think it's necessarily needed for * <-> *
connections (trunking).

> 4) keeping users isolated. Everyone on the "black" side of the VPN
> box could in theory hear each other.  The best place to put the
> encryption would be inside the handset, so even spyware on the PC
> could not intercept any cleartext data.
> 
> The "VPN box in the server room" only works in the special case
> where everyone on the Ethernet LAN is trusted.  In a large
> enough organization this will not be the case.
> 
Agreed 100% here as well.  I'd definitely want the VoIP at least VLAN'd
off and switched to cut down on casual sniffers.  It's not truly a secure
solution, but it's better than nothing.  Although, if they have access to
the data packets flowing on the wire the voice isn't a big addition.

> 5) you may very well want to use public key cryptography where each
> USER (not each computer or each office) encrypts using his/her
> public key.  Using this kind of setup users can be absolutely
> certain of who they are talking to.
> 
I'd really like to see this.  Maybe each user could have a little black
plastic key they could insert and turn to go secure.  Heck, maybe even a
2-line LCD on the phone itself to provide feedback to the user. <G> 
Honestly, this is definitely where I'd like to go.  As long as you
didn't need to do any transcoding could you pass black side encrypted
voice through an Asterisk server?  Not something I've tried yet.  


			THX/BDH
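Point 5 in the quoted message (a key per user rather than per box, so each party can be certain who they are talking to), as an added example in Go that is not part of this thread, of Asterisk, or of IAX2: each user holds an Ed25519 identity key (the "plastic key" idea), signs a fresh X25519 ephemeral key when setting up a call, and the other side verifies that signature against the public key it already holds for the person it meant to call before deriving the call key. The `Offer` layout, the `iax-offer-v0` and `iax-session-key-v0` labels, and the users alice, bob and mallory are constructed for this example; how each user's public key reaches the peers (e.g. stored on the token) is assumed rather than modelled, and no IAX2 framing is involved. The point it makes is that the signature over the ephemeral key, not the encryption itself, is what gives the "certain who I am talking to" property.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// User is one person's long-term identity: an Ed25519 key pair that travels
// with the user (the hypothetical "plastic key"), not with a PC or an office.
type User struct {
	Name string
	Priv ed25519.PrivateKey
	Pub  ed25519.PublicKey
}

// NewUser generates a fresh identity key pair; a CSPRNG failure is fatal here.
func NewUser(name string) *User {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &User{Name: name, Priv: priv, Pub: pub}
}

// Offer is the one message each side sends to set up a call: a fresh X25519
// ephemeral key signed by the sender's identity key (layout made up for this example).
type Offer struct {
	From      string
	Ephemeral []byte // X25519 public key bytes
	Sig       []byte // Ed25519 signature over offerTranscript(From, Ephemeral)
}

// offerTranscript binds the claimed name to the ephemeral key, so a signature
// cannot be lifted from one user's offer and replayed under another name.
func offerTranscript(name string, eph []byte) []byte {
	return append([]byte("iax-offer-v0|"+name+"|"), eph...)
}

// MakeOffer creates the ephemeral key for one call and the signed offer for it.
func (u *User) MakeOffer() (*ecdh.PrivateKey, *Offer) {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	ephPub := eph.PublicKey().Bytes()
	sig := ed25519.Sign(u.Priv, offerTranscript(u.Name, ephPub))
	return eph, &Offer{From: u.Name, Ephemeral: ephPub, Sig: sig}
}

// SessionKey verifies that the offer was signed by the identity key of the user we
// meant to call, then derives the call key. Without the check, X25519 alone only
// yields a key shared with *someone*.
func SessionKey(myEph *ecdh.PrivateKey, offer *Offer, peerName string, peerPub ed25519.PublicKey) ([]byte, error) {
	if !ed25519.Verify(peerPub, offerTranscript(peerName, offer.Ephemeral), offer.Sig) {
		return nil, fmt.Errorf("offer is not signed by %s's identity key", peerName)
	}
	theirEph, err := ecdh.X25519().NewPublicKey(offer.Ephemeral)
	if err != nil {
		return nil, err
	}
	shared, err := myEph.ECDH(theirEph)
	if err != nil {
		return nil, err
	}
	// Derive the call key from the shared secret under a fixed label.
	key := sha256.Sum256(append([]byte("iax-session-key-v0"), shared...))
	return key[:], nil
}

// Demo runs the exchange between alice and bob, then has mallory try to pass an
// offer off as bob's; it reports whether the keys match and the forgery was rejected.
func Demo() (sameKey, impostorRejected bool, err error) {
	alice, bob, mallory := NewUser("alice"), NewUser("bob"), NewUser("mallory")
	aEph, aOffer := alice.MakeOffer()
	bEph, bOffer := bob.MakeOffer()
	// Each side checks the other's offer against the public key it already holds for that user.
	keyA, err := SessionKey(aEph, bOffer, "bob", bob.Pub)
	if err != nil {
		return false, false, err
	}
	keyB, err := SessionKey(bEph, aOffer, "alice", alice.Pub)
	if err != nil {
		return false, false, err
	}
	// Mallory claims to be bob but can only sign with her own identity key.
	mEph, _ := mallory.MakeOffer()
	mPub := mEph.PublicKey().Bytes()
	forged := &Offer{From: "bob", Ephemeral: mPub, Sig: ed25519.Sign(mallory.Priv, offerTranscript("bob", mPub))}
	_, forgeErr := SessionKey(aEph, forged, "bob", bob.Pub)
	return bytes.Equal(keyA, keyB), forgeErr != nil, nil
}

func main() {
	same, rejected, err := Demo()
	fmt.Println("alice and bob share a key:", same, "| impostor rejected:", rejected, "| error:", err)
}
```

`go run` prints `true` for both checks. The example covers only a single forged offer; a real design would also put a nonce or timestamp into the signed transcript so that an old, genuinely signed offer cannot be replayed, and would bind the derived key to both ephemeral public keys rather than to the shared secret alone.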




