[VOIPSEC] An issue of trust?

Simon Horne s.horne at packetizer.com
Fri Jun 16 04:54:58 BST 2006 

Tyler

Again...Well actually you can...:-)
In H.323 the call signalling channel H.225 is designed to run end-to-end 
and independent of any intermediaries however it can optionally be routed 
via intermediaries. The decision to route the signalling can be done on a 
case by case basis. When the user registers with the intermediary, a radius 
query can determine if for legal reason (interception) the signalling and 
media must be routed. If so then the signalling is routed otherwise it is 
not. This makes lawful interception very scalable The routing of the 
signalling does not necessarily mean a decrease in security, if you use a 
certificate based or a strong shared secret encryption mechanism to protect 
the media key exchange then the intermediary will not be able to 
reconstruct the media keys easily. For lawful interception the only option 
in this case is to inspect the call signalling and remove the media key 
exchange messages and have the call revert back to a standard non-encrypted 
call.

In H.323, security is already designed into the protocol. The applicable 
group of standards are H.235.x and covers authentication (hop by hop and 
end-to-end) and encryption over both RTP and SRTP (with mikey). Almost all 
H.323 messages are capable of carrying security information. (They are 
called cryptoTokens)

Hopefully, H.325 will streamline the security process a lot more and remove 
some of unnecessary complexity in H.323 however it is only currently in the 
planning phase and it will be several years before it will be implemented.

Simon

At 08:35 AM 16/06/2006, Tyler Johnson wrote:
>You can't. That's why you have to implement security at the application
>layer. That means end to end encryption of media an signaling. However, US
>regulations for CALEA break that. If you do hop to hop security you really
>don't have any assurance of security beyond the next hop unless you are in a
>limited federation, but that doesn't scale to the whole Internet.
>
>I think the bottom line is to work to get coherent policy implemented at the
>federal level in the U.S.
>
>The other possibility is to think about a new protocol that is designed with
>security from the ground up, with wiretap in mind. H.325 offers an
>opportunity here, I think. I don't think it's going to work to reverse
>engineer this into SIP or H.323.
>
>
>----- Original Message -----
>From: <Ron_Cramer at cargill.com>
>To: <Voipsec at voipsa.org>
>Sent: Thursday, June 15, 2006 6:46 PM
>Subject: Re: [VOIPSEC] An issue of trust?
>
>
> > It appears I should clarify my question in regards to a Telecom Service
> > Provider
> > vs an Internet Service Provider.
> >
> > Based on my experience, many enterprises would choose to trust telecom
> > service providers
> > to keep data traffic private on a traditional layer 2 service such as
> > frame relay or voice
> > services on POTS.  And, would choose not to trust Internet based
> > communication, but to
> > mitigate the Internet based risk with firewalls, encryption tunnels, etc.
> >
> > Part of the logic used to differentiate between these two choices was that
> > the traditional layer 2
> > services provided separation between the virtual private networks of the
> > many customers serviced
> > by the Telecom Provider.  Since the packets are being forwarded at layer 2
> > the Telecom Provider
> > had no awareness of anything related to the Internet Protocol.  This also
> > meant that the
> > Telecom Service Providers customers could not use IP based attacks against
> > the carrier infrastructure.
> >
> > As Telecom Service Providers move to offer IP-ware services - MPLS, VoIP
> > or whatever
> > the Telecom Service Providers are vulnerable to IP based attacks.  I know
> > there
> > are many papers that state MPLS *can* be deployed with the same level of
> > security
> > as a layer 2 service, but how can I *trust* the Telecom Service Provider
> > will invest
> > the effort to operate a secure MPLS network.  Or, VoIP, or whatever?
> >
> > Thanks and regards,
> >
> > Ron
> >
> >
> >
> > -----Original Message-----
> > From: Cramer, Ron - Ron_Cramer at cargill.com
> > Sent: Thursday, June 15, 2006 1:19 PM
> > To: 'Voipsec at voipsa.org'
> > Subject: An issue of trust?
> >
> >
> > The issue of trust for your Telecom service provider,
> > either traditional or VoIP based seems to be a fundamental
> > component for secure communications.
> >
> > Can anyone identify an industry standard that an
> > Enterprise can use to establish trust with a Telecom
> > vendor?  Something with well established decision
> > criteria, not just a high level guide to performing a
> > risk assessment.
> >
> > Thanks in advance,
> >
> > Ron
> >
> > _______________________________________________
> > Voipsec mailing list
> > Voipsec at voipsa.org
> > http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
> >
>
>
>_______________________________________________
>Voipsec mailing list
>Voipsec at voipsa.org
>http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

More information about the Voipsec mailing list