Voice of VOIPSA

In VoIP Security it seems we owe a double debt to Claude Shannon.  Shannon is probably best known for the Nyquist-Shannon sampling theorem, which underlies the whole of digital sampling of analog signals.  The elevator version of this idea is that when you sample something into digital form, you have to do this at least twice the frequency of the highest frequency that you want to reproduce.  This is why CDs only have an audible frequency range of 22kHz (due to the 44 kHz sampling rate), which comfortably covers the range of frequencies that I can now hear, although perhaps not my childrens’. 

But Claude Shannon also coined the term perfect secrecy, as he did a lot of work related to cryptography.  In a nutshell, perfect secrecy means that you have no more information about the plaintext after seeing the ciphered version than you did before seeing it, i.e. it’s perfectly secret if the ciphered text gives you no clues and all plaintexts are equally probable.  I would highly recommend reading Shannon’s biography at the Wikipedia site.

Actually, reading this page made me think about Richard Feynmann (also  biog’ed at Wikipedia), one of my great heroes. 

The two men were about the same age: Shannon combined a serious academic career with juggling, unicycling and with roulette weekends in Las Vegas;  Feynmann, a brilliant physicist and educator, had hobbies of bongo drumming, painting and safe cracking.  I wonder if the two of them ever met?

In an interestingly eerie parallel to a discussion that has recently cropped up on the VoIPSec forum regarding peer-entity authentication vs. data-origin authentication, Skype announced yesterday that it intends to address the issue of user-identification within their VoIP service.

Part of Skype’s “wish list” for further expansion into the business market is to enhance username authentication for business customers, the voice over Internet Protocol company said Wednesday.

Skype’s system currently automatically authenticates users itself, based on certificates from it’s own encrypted Public Key Infrastructure (PKI). Because it does this automatically and transparently to the user, the users themselves have no way of authenticating the identity of the person they are communicating with.

“Skype is a public key infrastructure, which means nothing if you don’t know who you are identifying at the other end,” Sauer said.

You can read more detail at News.com.com.

Hank Cohen of Hifn sent along this article taking a look at cryptography in VoIP both for signalling and for voice. He explains the various proposals (including TLS/SSL, IPSec and Datagram TLS) and provides his view of the advantages and disadvantages of each proposal. Here is a brief taste of the longer article:

I believe that we first need to divide the VoIP cryptography problem into two parts; signalling security and media security. The requirements for these two areas are quite distinct so we need to be careful not to lump them together. Signalling connections may be persistent for long intervals but they tend to carry only a few short messages. Furthermore although signalling messages must be delivered in a timely manner they are not real time in the sense that their value degrades if latency or jitter increases, assuming that they are delivered soon enough that a connection can be created in a reasonable amount of time. Media on the other hand has stringent real time constraints. If media packets are not delivered within strict limits of latency and jitter their value can decrease to the point where call quality will be better if they are discarded rather than delivered late.

There is an interesting analogy between signalling security in the PSTN and VoIP. In the PSTN in-band signalling was found to be vulnerable to all sorts of hacks through your namesake BlueBoxes. The final solution to the Phone Phreak problem was for the PSTN carriers to create a completely separate signalling network inaccessible from the media network: thus was SS7 born. In the world of VoIP signalling is inherently in-band but we can use cryptographic VPN technology to build a virtual private signalling network with the same technology that enterprises have been using for years now to build virtual private data networks.

There are three proposals floating around the VoIP world for signalling VPNs; SSL or TLS secured signalling tunnels, IPsec secured signalling tunnels and most recently Datagram TLS secured signalling tunnels. I would like to offer some pros and cons for each method.

Follow the link below to read Hank’s full article and if you have a different view (and I expect some will) on the different proposals, please do feel free to leave a comment to this article.

We thank Hank for providing this article and please do know that we are always open to publishing guest articles such as this. Just contact me or one of the other weblog authors if you would like to have an article appear.

(more…)