[VOIPSEC] Eavesdropping on RTP - its UNLIKELY ?
Kaalund, Bruce
Bruce_Kaalund at Cable.Comcast.com
Wed Mar 21 06:54:10 CDT 2007
IMHO, the greater concern is the protection of the SIP signalling traffic. I make the assumption that one is looking for a specific conversation, rather than surfing for any stream which may have juicy conversation. With this in mind, it becomes a non-trivial task to find the correct RTP stream without first identifying it through the interception of SIP signalling. A possible enhancement may be to implement S/MIME as described in RFC 3261, which would encrypt the SIP packets. Of course, this would require proper key management. Add this to SRTP (defense in depth) and your first bullet becomes much more of a challenge. Adding the guessing of which codec to use would help to deter all but the most determined, who would capture the traffic (if there is no SIP and/or RTP encryption) and spend the time testing out codecs until they found a match. If the above controls were put in place, and if the overhead didn't impact throughput and quality, we MIGHT have voice service as secure as we appear to have on the PSTN (of course, CALEA becomes an issue, as the Government would either want keys or a back door to the encryption).
Bruce A. Kaalund
Director, Product Security
Comcast Cable
National Engineering & Technical Operations
1500 Market Street, Philadelphia PA 19102
e-mail -- bruce_kaalund at cable.comcast.com
Doveryai No Proverai - Trust but Verify
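
What cleartext SIP signalling discloses about a media stream, and whether SRTP was negotiated at all, can be checked from the SDP body of an INVITE. The following is an added example, not part of the original message: the function name `audit_sdp`, the `signalling_encrypted` flag (standing for TLS or an S/MIME-protected body), the finding strings and the sample SDP are all constructed for illustration.

```python
import re

# Constructed SDP body as carried in a SIP INVITE (RFC 5737 address, placeholder key).
SAMPLE_SDP = """v=0
o=alice 2890844526 2890844526 IN IP4 192.0.2.10
s=-
c=IN IP4 192.0.2.10
t=0 0
m=audio 49170 RTP/AVP 0 96
a=rtpmap:0 PCMU/8000
a=rtpmap:96 iLBC/8000
m=audio 49172 RTP/SAVP 0
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:CONSTRUCTED-PLACEHOLDER-KEY
"""

# A few static RTP payload types from RFC 3551.
STATIC_PT = {0: "PCMU", 3: "GSM", 4: "G723", 8: "PCMA", 9: "G722", 18: "G729"}

def audit_sdp(sdp, signalling_encrypted=False):
    """Return one dict per m= line: what the SDP discloses plus audit findings."""
    session_addr, media = None, []
    for line in sdp.splitlines():
        kind, sep, value = line.strip().partition("=")
        if len(kind) != 1 or not sep:
            continue
        if kind == "c" and value.split():  # session-level address or per-media override
            addr = value.split()[-1]
            if media:
                media[-1]["addr"] = addr
            else:
                session_addr = addr
        elif kind == "m" and len(value.split()) >= 3:
            name, port, proto, *fmts = value.split()
            codecs = {int(f): STATIC_PT.get(int(f), "dynamic") for f in fmts if f.isdigit()}
            media.append({"media": name, "addr": session_addr, "port": int(port.split("/")[0]),
                          "proto": proto, "codecs": codecs, "sdes_key": False, "findings": []})
        elif kind == "a" and media:
            rtpmap = re.match(r"rtpmap:(\d+) ([^/\s]+)", value)
            if rtpmap and int(rtpmap.group(1)) in media[-1]["codecs"]:
                media[-1]["codecs"][int(rtpmap.group(1))] = rtpmap.group(2)
            elif value.startswith("crypto:"):  # SDES key attribute (RFC 4568)
                media[-1]["sdes_key"] = True
    for stream in media:
        if stream["proto"] not in ("RTP/SAVP", "RTP/SAVPF"):
            stream["findings"].append("media not SRTP")
        if not signalling_encrypted:
            stream["findings"].append("address, port and codec visible in signalling")
            if stream["sdes_key"]:
                stream["findings"].append("SRTP key sent in cleartext signalling")
    return media
```

The second media line in the sample shows why SRTP alone is not enough when the key is exchanged in the SDP: the finding clears only once the signalling itself is protected.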
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
[VOIPSEC] Eavesdropping on RTP - its UNLIKELY ?
Derek MacmUrchy macmurchy at mail2web.com
Tue Mar 20 23:38:03 GMT 2007
Hello,
How vulnerable is an unencrypted RTP stream to eavesdropping?
Using the following scale:
- HIGHLY PROBABLE. It is easy to exploit the vulnerability and there is little or no protection in place.
- POSSIBLE. The vulnerability might be exploited, but some protection is in place.
- UNLIKELY. The vulnerability is hard to exploit and the protection in place is good.
I believe that for average value traffic it is at most a POSSIBLE, maybe an UNLIKELY. I believe this for two reasons:
- It is not that likely that an attacker will get in a position where they can access network flows; OK, maybe the insider-on-the-LAN scenario and WiFi are possibilities, but other than that it's not really likely.
- Even if the attacker accesses the network stream, they still require the correct codec to listen to the voice stream. This may not be all that simple, as there is a significant number of proprietary codecs which attackers may well not have access to. I know this is security by obscurity, but it might reduce the risk.
Any thoughts?
Of course I still think SRTP complemented by good standard key agreement and authentication protocols is a must-have.
Laters
Derek