[VOIPSEC] ipsec vs. tls/srtp ?
Dan Wing
dwing at cisco.com
Wed Feb 22 22:42:52 GMT 2006
(I'm a different Dan, but I'll nevertheless take a stab at this.)
For media encryption to make sense you need to provide integrity protection
and authentication of the signaling, and have some way to encrypt the SRTP
keys themselves. The easiest way to accomplish this is to simply encrypt
the signaling (using, say, TLS). Other techniques such as using SIP Digest
authentication provide authentication but pretty poor integrity protection.
S/MIME is hard. Some of the MIKEY modes provide ways to authenticate,
integrity protect, and encrypt the SRTP keys themselves but not other
aspects of the signaling.
As for ALG-based firewalls breaking with encrypted signaling: yes, that's a
problem -- they break. Whenever the media and signaling don't traverse them
they break, too (backup ISDN links for example). See
draft-wing-session-auth for one proposed solution. Other solutions are to
use an SBC or to use a SIP-aware firewall that is implemented as a SIP
proxy. Firewalls can also be configured without their ALG function and
permit outgoing UDP traffic and UDP responses -- as everyone is now doing
symmetric RTP and symmetric RTCP for NAT traversal anyway, this can work
pretty well, although the security characteristics of doing this are weaker
than an ALG-based firewall, an SBC, a firewall+proxy, or
draft-wing-session-auth.
-d
> Dan and others,
> Can you separate out the signaling encryption from the media
> encryption? That is, can one typically use SRTP for encrypting the
> actual voice stream without encrypting the signaling stream?
>
> The reason I ask this is my assumption is that if the signaling
> stream is encrypted, VoIP-aware firewalls are no longer viable since
> the FW can't see inside the signaling session to know which ports to
> open for the media session.
>
> Thoughts?
>
> Irwin
>
> --
> Irwin Lazar, CISSP
> Senior Analyst, Burton Group
> ilazar at burtongroup.com
> Phone: 703-742-9659
> AIM/Gizmo/Google/MSN/Skype/Yahoo: imlazar
> SightSpeed: ilazar at burtongroup.com
>
>
>
> > From: <dan_york at Mitel.com>
> > Date: Wed, 22 Feb 2006 14:01:53 -0500
> > To: Jin Wang <jin_x_wang at yahoo.com>
> > Cc: <Voipsec at voipsa.org>
> > Subject: Re: [VOIPSEC] ipsec vs. tls/srtp ?
> >
> > Jin,
> >
> >> The recent list discussion about voip & vpns brings up another
> >> question: How do the list members feel about using tls & srtp as a
> >> secure alternative to running sip voip over ipsec vpns ? There
> >> would seem to be some advantages to using tls & srtp but I
> >> would like some other opinions.
> >
> > Are you asking about the approach of separately encrypting the SIP
> > call control using TLS and then encrypting the voice using SRTP?
> > (Versus not encrypting both but just tunnelling all the unencrypted
> > traffic over an encrypted VPN tunnel?)
> >
> > If so, yes, we see that as a secure alternative to VPN tunnelling.
> > This is how we secure all of our (Mitel) sets.
> >
> > Regards,
> > Dan
> >
> > --
> > Dan York, CISSP
> > Dir of IP Technology, Office of the CTO
> > Mitel Corp. http://www.mitel.com
> > dan_york at mitel.com +1-613-592-2122
> > PGP key (F7E3C3B4) available for
> > secure communication
> > _______________________________________________
> > Voipsec mailing list
> > Voipsec at voipsa.org
> > http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
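Dan Wing's two points above, that the SRTP keys ride in the signaling and so need the signaling protected, and that a SIP ALG has to read that same signaling to learn which media ports to open, as an added example that is not code from the original post or from any of the posters' products. It assumes the key is carried in an SDP security-descriptions style "a=crypto ... inline:" line (the thread itself only names MIKEY and S/MIME as ways to carry keys); the SDP offer, addresses, ports and key bytes are constructed for the example.

```python
"""Parse a constructed SDP offer (as carried in a SIP INVITE body) and show
(1) the pinholes a SIP-aware firewall/ALG must open, which it cannot learn if
the signaling is under TLS, and (2) the SRTP master key/salt that anyone who
can read cleartext signaling recovers from an SDES-style a=crypto line.
Added example; the SDP below is constructed, not captured."""
import base64
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed offer: SRTP audio with its key in the SDP, plain-RTP video with
# a media-level c= address and an explicit (non-adjacent) RTCP port.
SAMPLE_SDP = """v=0
o=alice 2890844526 2890844526 IN IP4 192.0.2.10
s=-
c=IN IP4 192.0.2.10
t=0 0
m=audio 49170 RTP/SAVP 0 8
a=rtpmap:0 PCMU/8000
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwd
m=video 51372 RTP/AVP 31
c=IN IP4 192.0.2.11
a=rtcp:53020
"""

# (master key length, master salt length) for the crypto-suites handled here.
SUITE_KEY_SALT = {
    "AES_CM_128_HMAC_SHA1_80": (16, 14),
    "AES_CM_128_HMAC_SHA1_32": (16, 14),
}


@dataclass
class Media:
    kind: str
    port: int
    proto: str
    connection: Optional[str] = None     # c= address, media-level or inherited
    rtcp_port: Optional[int] = None      # explicit a=rtcp, else RTP port + 1
    crypto: List[str] = field(default_factory=list)  # raw a=crypto values


def parse_sdp(text: str) -> List[Media]:
    """Minimal SDP parser: session-level c= plus per-media m=/c=/a= lines."""
    session_conn = None
    media: List[Media] = []
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if not sep:
            continue
        if key == "c":
            addr = value.split()[2]
            if media:
                media[-1].connection = addr   # media-level c= overrides
            else:
                session_conn = addr
        elif key == "m":
            kind, port, proto, *_ = value.split()
            media.append(Media(kind, int(port), proto, connection=session_conn))
        elif key == "a" and media:
            name, _, attr = value.partition(":")
            if name == "rtcp":
                media[-1].rtcp_port = int(attr.split()[0])
            elif name == "crypto":
                media[-1].crypto.append(attr)
    return media


def alg_pinholes(media: List[Media]):
    """(address, port, purpose) for every RTP and RTCP flow an ALG must permit.
    These come only from the SDP, so an ALG in front of TLS-encrypted
    signaling has nothing to act on."""
    holes = []
    for m in media:
        if m.port == 0:                   # port 0 = stream rejected/disabled
            continue
        holes.append((m.connection, m.port, f"{m.kind} RTP"))
        rtcp = m.rtcp_port if m.rtcp_port is not None else m.port + 1
        holes.append((m.connection, rtcp, f"{m.kind} RTCP"))
    return holes


def leaked_srtp_keys(media: List[Media]):
    """Recover SRTP master key and salt from cleartext a=crypto lines.
    Format assumed: <tag> <suite> inline:<base64 key||salt>[|lifetime][|MKI]."""
    leaks = []
    for m in media:
        for value in m.crypto:
            tag, suite, key_params, *_ = value.split()
            method, _, rest = key_params.partition(":")
            if method != "inline" or suite not in SUITE_KEY_SALT:
                continue
            raw = base64.b64decode(rest.split("|")[0])
            klen, slen = SUITE_KEY_SALT[suite]
            if len(raw) != klen + slen:
                raise ValueError(f"bad key length for {suite}: {len(raw)}")
            leaks.append({"media": m.kind, "tag": int(tag), "suite": suite,
                          "master_key": raw[:klen], "master_salt": raw[klen:]})
    return leaks


if __name__ == "__main__":
    offer = parse_sdp(SAMPLE_SDP)
    print("pinholes an ALG would need:")
    for addr, port, what in alg_pinholes(offer):
        print(f"  {addr}:{port}  ({what})")
    for leak in leaked_srtp_keys(offer):
        print(f"SRTP {leak['suite']} master key for {leak['media']} readable "
              f"from signaling: {leak['master_key'].hex()}")
```

Putting the signaling under TLS closes both views at once: the key line is no longer readable on the wire, and the ALG no longer sees the m=/c=/a=rtcp lines it needs, which is exactly the trade-off the message describes and why the SBC, firewall-as-proxy and draft-wing-session-auth approaches exist.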