[VOIPSEC] Using SRTP for University project
Cesc Santasusana
cesc.santasusana at nl.thalesgroup.com
Mon Mar 27 03:10:23 CST 2006
I think we all agree that it is a tough choice :)
I also sort of agree that, given the good security vs complexity ratio
of SDES, it has high chances of becoming the most widely used ...
Now, i still think it is sort of a poor-mans solution.
- "joe average" (say ... 99% of the users) doesn't care about the
security ... he even does not care (much) about his call being
wiretapped (the current pstn allows that too) ... give him free
unlimited calling, he'll be happy.
- for the rest of users, that small minority ... they do care about
security ... they do NOT want their calls being intercepted ... so SDES
just doesn't cut it for them. And actually, this is probably a niche
market ... but very powerful ... economically, i mean. Enterprises don't
want (or should not want, we just have to educate them ;D ) their calls
among employees being intercepted (by any government). The government
itself does not want his calls being intercepted ... and so on and so
on. And here is where MIKEY (and others) have its chances ... but there
won't probably be just one survivor here
Cesc
>>> "Christian Stredicke" <Christian.Stredicke at snom.de> 03/25/06
06:33am >>>
It is hard to make a decision which way to go, because you will have
many people jumping at you and one who smiles. My gut feeling is that
the most simple one will survive in this game. And that is sdes "IMHO".
It does not solve all problems of the world, but according to the
comparison table the effort for implementation and what you get seem to
be in a good radio. Plus I know at least four companies who support this
at the moment.
CS
> -----Original Message-----
> From: Voipsec-bounces at voipsa.org
> [mailto:Voipsec-bounces at voipsa.org] On Behalf Of Cesc Santasusana
> Sent: Friday, March 24, 2006 4:16 AM
> To: Christian Stredicke; Voipsec at voipsa.org
> Subject: Re: [VOIPSEC] Using SRTP for University project
>
> Hi Christian,
>
> I hope that "with jaws down" you also imply a certain feeling
> of sadness .... i mean, if we ever want to create an
> interoperable standard, such multi-path ways (there were 10
> different key exchange mechanisms!) cannot survive.
> There is an ongoing discussion in the sip-implementors about
> how
> SIP-defines-primitives-only-and-then-we-can-not-interoperate-b
> ecause-the-services-are-not-well-defined ... so, not just
> that we cannot make a call transfer among two phones ... it
> seems we won't even be able to negotiate a secure phone call
> ... unless of course you use two terminals from the same
> manufacturer ... again, we are creating "islands" ...
>
> Anyway ...
>
>
> Cesc
>
Unclassified
>
> >>> "Christian Stredicke" <Christian.Stredicke at snom.de>
> 03/23/06 09:52pm
> >>> >>>
> Regarding the way to exchange the keys there was an excellent
> presentation at the IETF by Dan Wing
> (http://www3.ietf.org/proceedings/06mar/slides/raiarea-1.ppt).
> I must say I was sitting in the meeting with jaws down, cuz
> I did not even know about the amazing wide choice that exists
> about exchanging the keys.
>
> I hope the IETF does not start a round table that comes up
> with ten more proposals. I got a little bit the feeling that
> the implementors make their decision by picking the most
> simple one. In the snom case that would be sdes. And I know
> that other vendors also went that way.
>
> Christian
>
> > -----Original Message-----
> Unclassified
> > From: Voipsec-bounces at voipsa.org
> > [mailto:Voipsec-bounces at voipsa.org] On Behalf Of M Rizal B Azmi
> > Sent: Thursday, March 23, 2006 10:31 AM
> > To: Voipsec at voipsa.org
> > Subject: [VOIPSEC] Using SRTP for University project
> >
> > Does anyone know the inner-workings of a Snom 360 softphone?
> > Such as the type of key exchange used, etc. The configuration menu
> > only contains the ON or OFF option for SRTP. Thanks.
> >
> > Regards,
> > Rizal
> >
> > Voipsec-request at voipsa.org wrote: Send Voip
sec mailing list
> > submissions to Voipsec at voipsa.org
> >
> > To subscribe or unsubscribe via the World Wide Web, visit
> > http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
> > or, via email, send a message with subject or body 'help' to
> > Voipsec-request at voipsa.org
> >
> > You can reach the person managing the list at
> Voipsec-owner at voipsa.org
> >
> > When replying, please edit your Subject line so it is more specific
> > than "Re: Contents of Voipsec digest..."
> >
> >
> > Today's Topics:
> >
> > 1. Siemens offers cordless encryption phone Re: Voipsec Digest,
> > Vol 15, Issue 27 (Albert)
> > 2. Re: I am a freshman in this forum:) (gary madsen)
> > 3. Re: SRTP (Weidong Shao)
> >
> >
> >
>
----------------------------------------------------------------------
> >
> > Message: 1
> > Date: Wed, 22 Mar 2006 13:55:15 +0100
> > From: Albert
> > Subject: [VOIPSEC] Siemens offers cordless encryption phone Re:
> > Voipsec Digest, Vol 15, Issue 27
> > To: Voipsec at voipsa.org
> > Message-ID: <5b1697e10603220455o3bea119l at mail.gmail.com>
> > Content-Type: text/plain; charset=ISO-8859-1
> >
> > - sorry for the plug but, while the discussion rages on,
> the rss feed
> > reported:
> >
> > a) Mobile VOIP needs high-speed uplink Commercial offerings
> not likely
> > until operators perpare their networks
> >
> > By John Blau, IDG News Service
> > March 13, 2006
> >
> > http://www.infoworld.com/article/06/03/13/76374_HNmobilevoip_1
> > .html?source=rss&url=http://www.infoworld.com/article/06/03/13
> > /76374_HNmobilevoip_1.html
> >
> >
> > b) Siemens offers cordless encryption phone Siemens phone ensures
> > maximum security and accelerated encryption process
> >
> > By John Blau, IDG News Service
> > March 09, 2006
> >
> > http://www.infoworld.com/article/06/03/09/76269_HNencryptionph
> > one_1.html?source=rss&url=http://www.infoworld.com/article/06/
> > 03/09/76269_HNencryptionphone_1.html
> >
> >
> > c) Siemens unit seeks growth beyond phones Siemens teams
> with Yahoo
> > to let users make/receive VoIP calls through Yahoo Messenger with
> > Voice
> >
> > By John Blau, IDG News Service
> > March 09, 2006
> >
> > http://www.infoworld.com/article/06/03/09/76271_HNsiemensbeyon
> > dphones_1.html?source=rss&url=http://www.infoworld.
> >
> > (and the article reminds us that there is already a dongle
> for skype
> > which was released last year)
> >
> >
> >
> > ------------------------------
> >
> > Message: 2
> > Date: Wed, 22 Mar 2006 08:46:36 -0600
> > From: "gary madsen"
> > Subject: Re: [VOIPSEC] I am a freshman in this forum:)
> > To: "Julian Minard"
> > Cc: Voipsec at voipsa.org, Eliot Liu
> > Message-ID:
> > <84789390603220646t446de476y40baf5a4f56bdf7d at mail.gmail.com>
> > Content-Type: text/plain; charset=ISO-8859-1
> >
> > You may want to look at some of the other VoIP security whitepapers
> > collected here for a decent foundation:
> >
> > http://www.voipsa.org/Resources/whitepapers.php
> >
> > Cheers,
> > Gary
> >
> > On 3/21/06, Julian Minard wrote:
> > > I'm a novice, too.
> > > Interesting paper. I was struck by the fact that the
> > writer never referred to any security problems in the H.323
> > Recommendations. If, by implication, there are no security
> problems
> > with 323 why arent we pressing to continue with the old 323 and
> > ignore SIP, rather than the other way round?
> > > Maybe the writer just ignored security problems in 323...
> > > Julian Minard
> > >
> > > -----Original Message-----
> > > From: Voipsec-bounces at voipsa.org
> > [mailto:Voipsec-bounces at voipsa.org]
> > > On Behalf Of Jerome Athias
> > > Sent: Tuesday, March 21, 2006 3:31 PM
> > > To: Eliot Liu
> > > Cc: Voipsec at voipsa.org
> > > Subject: Re: [VOIPSEC] I am a freshman in this forum:)
> > >
> > >
> > > Maybe this one could interest you:
> > >
> > >
> >
>
http://www.xmcopartners.com/whitepapers/voip-security-layered-approach
>
> > .pdf
> > >
> > > Regards
> > > /JA
> > > https://www.securinfos.info
> > >
> > > Eliot Liu a ?crit :
> > > > Hello, everyone! I am a graduate student in China. And
> I am very
> > > > interested in SIP-based VoIP System. I know that there are many
> > > > threats in VoIP, and some of the threats are difficult
> to tackle.
> > > >
> > > > These days, my boss told me to use the PKI to help improve the
> > > > security of the SIP-based VoIP System. I found some paper
> > from the
> > > > Internet, and read them. However, I am confused very
> much. Could
> > > > someone here give me some advice?
> > > >
> > > > Thanks!
> > > >
> > > > Bill
> > > >
> > >
> > > _______________________________________________
> > > Voipsec mailing list
> > > Voipsec at voipsa.org
> > > http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
> > >
> > > _______________________________________________
> > > Voipsec mailing list
> > > Voipsec at voipsa.org
> > > http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
> > >
> >
> >
> >
> > ------------------------------
> >
> > Message: 3
> > Date: Wed, 22 Mar 2006 16:41:10 -0800
> > From: "Weidong Shao"
> > Subject: Re: [VOIPSEC] SRTP
> > To: Voipsec at voipsa.org
> > Message-ID:
> >
> > Content-Type: text/plain; charset=ISO-8859-1
> >
> > I have some comments inline,
> >
> > Weidong Shao
> >
> > Geoff Devine gdevine at cedarpointcom.com wrote:
> >
> > A few comments on this thread:
> >
> > My perspective is dealing with these issues for a huge
> carrier-class
> > media gateway and soft switch. Whenever I look at a protocol, I
> > always ask, "How do I scale it?" and "How do I make it redundant?"
> >
> > SRTP is "cheap" until you're trying to terminate tens of
> thousands of
> > streams at a big media gateway. Depending on DSP
> architecture (memory
> > is often the limitation), security in the DSP ends up
> costing you at
> > least 10% in codec density.
> > You can buy a very nice yacht for the price of the DSP cards
> > necessary to terminate 10,000 compressed voice calls.
> > Power and heat dissipation also become a big issue. We ended up
> > putting media security in an FPGA so it wouldn't impact our channel
> > density.
> >
> > Making SRTP redundant is a little bit painful. A wrap count of the
> > 16-bit RTP sequence number is used to prevent replay
> attacks. You use
> > this wrap count to derive the keying information and you fail
> > authentication if both ends don't have the same RTP sequence number
> > wrap count. At the packet inter-arrival rates typical for
> RTP voice,
> > the sequence number wraps every 5 or 10 minutes.
> >
> > >>> what do you mean for " making SRTP redundant? ".
> > >>> what has it to do with seq number wrapping?
> > >>> Do you mean a solution where media path or media gateway can
be
> > load balanced?
> >
> >
> > I'm quite comfortable with sdescriptions since it looks
> very much like
> > what we use in the PacketCable VoIP over Cable standards.
> When you're
> > trying to implement features like Lawful Intercept and Busy Line
> > Verify, life is much easier when core elements inside the walled
> > garden can see the keying material in the clear. You have
> to pick a
> > key exchange mechanism appropriate to your architecture.
> > Sdescriptions is fine for a walled garden architecture.
> > Something like MIKEY is more appropriate for a peer to peer
> > architecture.
> >
> > >>> MIKEY is end-to-end, so how can you do LI ? how do you
> > get the key?
> > >>> sdescriptions allows the call control to have access to
> the keying
> > materials so call monitoring or key access is possible. It is also
> > easier to implement.
> >
> >
> > We're off building a redundant TCP/TLS solution at the moment.
> > TCP/TLS is extremely painful to make redundant and TCP poses
> > significant memory consumption scaling issues when you have tens of
> > thousands of TCP connections. UDP/IPSec is muc
h easier to
> scale and
> > make redundant. In IPSec, you have a 32-bit sequence number
> as state.
> > To make it redundant, all you have to do is checkpoint the
> Tx sequence
> > number state from time. When you fail over to the
> redundant instance,
> > you take a "giant step" (add a big number like 64K) to the
> Tx sequence
> > number.
> > It's little surprise that the two mass market commercial VoIP
> > solutions that have security, PacketCable & 3GPP, both use
> UDP/IPSec.
> >
> > >>> for the redundancy concern, are you referring the voice
> > signaling path?
> > or RTP(SRTP) path?
> > >>> hop-by-hop security through IPSEC has its own problems in
> > network configuration
> > and scalability.
> >
> > Geoff Devine
> > Chief Architect
> > Cedar Point Communications
> >
> >
> >
> > ------------------------------
> >
> > _______________________________________________
> > Voipsec mailing list
> > Voipsec at voipsa.org
> > http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
> >
> >
> > End of Voipsec Digest, Vol 15, Issue 28
> > ***************************************
> >
> >
> >
> > ---------------------------------
> > .: Beta :.
> >
> > www.myspace.com/BetaRawks
> > www.i-bands.net/audiovault/Beta
> >
> > ---------------------------------
> > Yahoo! Messenger with Voice. Make PC-to-Phone Calls to the
> US (and 30+
> > countries) for 2¢/min or less.
> > _______________________________________________
> > Voipsec mailing list
> > Voipsec at voipsa.org
> > http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
> >
> >
> >
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>
>
>
More information about the Voipsec
mailing list