[VOIPSEC] Why a secure key exchange for media encryption?

Weidong Shao weidongshao at gmail.com
Fri Apr 28 12:15:59 PDT 2006


I agree that signaling protection is important. Hop-by-hop protection is
also possible. You just need to take care of authentication for each leg.
If everything is within an enterprise, it is relatively easy to achieve
this. It is difficult to cross administrative boundaries. PKI can help but
still requires proper configurations etc.

see inline

On 4/28/06, Hadriel Kaplan <HKaplan at acmepacket.com> wrote:
>
> Au contraire, firewalls do not make encryption problematic.  TLS works
> through them all the time.


If signaling is encrypted, how does the firewall open up ports to let RTP
media pass through?
Unless you want to leave the firewall wide open for RTP data (quite a large
port range).

> IPSec has had problems, but it's less common for
> SIP anyway.  ALGs are not needed, if by an ALG you mean in your local NAT.
> Phones can use stun/ICE or other protocols to fix their addressing, or let
> an SBC do it for them (an SBC is neither an ALG nor a firewall).


Sure, if stun/ICE is used, there is no need for NAT rewrite of SDP.
An SBC will complicate hop-by-hop signaling encryption.

> If you don't trust the hop-by-hop signaling path to remain secure, don't use
> it - your signaling is almost as sensitive as your media - more for some,
> less for others.  Send signaling directly to the far-end, or use s/mime to
> encrypt the SDP (good luck with that).


Same feeling on S/MIME; I do not know how it ever works if two end users
are not under the same trust model.

> -hadriel
>
>
> > -----Original Message-----
> > From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
> > Behalf Of Weidong Shao
> > Sent: Friday, April 28, 2006 3:56 AM
> > To: Michael Prochaska
> > Cc: voipsec at voipsa.org
> > Subject: Re: [VOIPSEC] Why a secure key exchange for media encryption?
> >
> > You have a point here. It is nice to have encrypted signalling and then
> > the media key can simply be sent over the signaling channel.
> >
> > But encrypted signaling is problematic with firewalls or ALGs (which are
> > often necessary for NAT rewrite), and if there are multiple hops in the
> > signaling path, you then need to have hop-by-hop signaling encryption.
> > Then, the question is, how do you manage key management for each segment
> > of the signaling path?
> >
> > Weidong
> >
> > On 4/28/06, Michael Prochaska <tm021090 at fh-stpoelten.ac.at> wrote:
> > >
> > > hi,
> > > I'm a student and am working on my diploma thesis (VOIP security with
> > > open standards) at the moment.
> > >
> > > I know the question is a little bit provocative.
> > >
> > > In my eyes there are the following vulnerabilities / problems for
> > > signaling:
> > >
> > > - SPIT
> > > - unauthorised use of account
> > > - identity forgery
> > > - session hijacking
> > > - loss of anonymity
> > > - replay
> > >
> > > and the following vulnerabilities for the media stream:
> > >
> > > - replay
> > > - eavesdropping
> > >
> > > any additions are welcome :-)
> > >
> > >
> > > The outcome of this is that the signaling is "the bigger" problem.
> > >
> > > In which situations might it be useful to encrypt and authorize only
> > > the media stream? I think the goal must be a secure signaling. When I
> > > have a secure signaling, why not exchange the key plain over the
> > > signaling channel?
> > >
> > > any comments are very welcome!
> > >
> > > best regards,
> > > michael
> > >
> > > _______________________________________________
> > > Voipsec mailing list
> > > Voipsec at voipsa.org
> > > http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
> > >
>
>
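The firewall question raised in this message, as an added example that is not part of the original thread: a firewall that opens per-call RTP pinholes has to read the `c=` and `m=` lines of the SDP body, so once the signaling is opaque to it the only static alternative is the wide port range. The SIP message, the addresses, the XOR stand-in for a TLS record and the fallback range 16384-32767 are all constructed assumptions; only IPv4 SDP is handled.

```python
import re

# Constructed sample: cleartext SIP INVITE with an SDP offer (documentation addresses).
INVITE = (
    "INVITE sip:bob@example.net SIP/2.0\r\n"
    "Content-Type: application/sdp\r\n"
    "\r\n"
    "v=0\r\n"
    "o=alice 1 1 IN IP4 192.0.2.10\r\n"
    "s=-\r\n"
    "c=IN IP4 192.0.2.10\r\n"
    "t=0 0\r\n"
    "m=audio 49170 RTP/AVP 0\r\n"
    "m=video 51372 RTP/AVP 31\r\n"
    "c=IN IP4 192.0.2.20\r\n"
).encode("ascii")

# Opaque stand-in for the same message inside a TLS record (NOT real TLS):
# all that matters here is that the firewall cannot read it.
OPAQUE = bytes(b ^ 0xA5 for b in INVITE)

def pinholes(packet: bytes):
    """(address, rtp_port, rtcp_port) for each stream readable from the SDP."""
    text = packet.decode("ascii", errors="replace")
    head, sep, body = text.partition("\r\n\r\n")
    if not sep or "application/sdp" not in head.lower():
        return []
    session_addr, media = None, []
    for line in body.splitlines():
        c = re.fullmatch(r"c=IN IP4 (\S+)", line)
        m = re.fullmatch(r"m=\w+ (\d+) RTP/\S+ .*", line)
        if c and media:
            media[-1][0] = c.group(1)      # media-level c= overrides session-level
        elif c:
            session_addr = c.group(1)
        elif m:
            media.append([session_addr, int(m.group(1))])
    # Port 0 means the stream is declined; RTCP is RTP port + 1 by convention.
    return [(a, p, p + 1) for a, p in media if a and p]

def firewall_rules(packet: bytes, fallback_range=(16384, 32767)):
    """Narrow per-call rules if SDP is readable, else the wide static range."""
    holes = pinholes(packet)
    if holes:
        return [("allow-udp", a, rtp, rtcp) for a, rtp, rtcp in holes]
    return [("allow-udp", "any", *fallback_range)]

if __name__ == "__main__":
    print(firewall_rules(INVITE))
    print(firewall_rules(OPAQUE))
```
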


