[VOIPSEC] IPSec and VoIP Security
Porter, Thomas (Tom)
tporter at avaya.com
Tue Apr 4 16:06:48 CDT 2006
As a starting point here are some numbers for encryption speeds:
An AES encryption, without hardware acceleration, takes about 50 microseconds, for instance. But the key generation and exchange process can last up to 500ms, which is unacceptable for a real-time VoIP application. Overall, establishing a security association with IPSec requires anywhere
from 2 to 10 seconds. TLS achieves better performance, but it still needs approximately 1.5 seconds to form a security association. IIRC, these figures are from TI.
Best, Tom
Thomas Porter, PHD | Senior Security Architect - Business Communications Consulting | Contact Center Practice | Consulting & Systems Integration | Avaya Global Services | Office: 919-967-2909 | [Mobile - USA] 919-593-3130 | [Mobile - DE] +49-0163-5050427 | [SIP] s00227694 at voicepulse.com | [IM] AvayaTPorter | Email: tporter at avaya.com
-----Original Message-----
From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On Behalf Of Alexandre Passito
Sent: Tuesday, April 04, 2006 10:50 PM
To: Voipsec at voipsa.org
Subject: [VOIPSEC] IPSec and VoIP Security
Hi ALL,
I'd like to start a discussion about using IPSec for end-to-end security in VoIP Systems. I have read some papers about the subject and it seens that IPSec is not completely suitable for this kind of task due to two reasons:
damage to some QoS metrics and the problem with management (key sharing, user permissions and etc). I'd like to hear some ideas about it, future trends and if there are well deployed solutions being tested.
Best regards,
Passito
--
--
Alexandre Passito - Estudante de Mestrado Universidade Federal do Amazonas (UFAM) Departamento de Ciência da Computação (DCC)
--
Alexandre Passito - M.Sc. Student
Federal University of Amazonas (UFAM)
Computer Science Department (DCC)
--
E-mail: passito at dcc.ufam.edu.br
Web: www.dcc.ufam.edu.br/~passito
Manaus - AM - Brasil
_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
More information about the Voipsec
mailing list