[VOIPSEC] [CAnet - news] Assessing Skype's network impact
Simon Horne
s.horne at packetizer.com
Tue Dec 20 09:07:50 CST 2005
At 05:35 PM 20/12/2005, AVM wrote:
>On 12/19/05, Thomas Skora <voip at skora.net> wrote:
> >
> > "Christopher A. Martin" <chris at InfraVAST.com> writes:
> >
> > >>The G.729 codec in fact uses only 6.4 - 11.8kbps bandwidth per call, and
> > >>is a much better demonstration to customers of VoIP potential (there's
> > >>nothing like a dropped call/low audio quality to send a customer
> > >>running, screaming out the door!) I have found that codecs like G.711
> > >>(which is 64kbps) can only manage about 2 concurrent calls before audio
> > >>quality takes a severe nose dive.
> > >>
> > >>
> > >>
> > > One other point to note is that the overhead includes encryption with
> > > skype, as well as firewall traversal.
> >
> > Both task have never take place in the media stream. Look at SRTP, how
> > many overhead the encryption causes here.
> >
> > Thomas
>
>
>Hello,
>As Thomas pointed out, encryption would take place in the system before it
>leaves the system. As far as the symmetric encryption is not going to any
>overhead in the bandwidth except padding at the last block and few bytes of
>header information.
The encryption is not the problem it is the authentication (signing)
component, this adds a lot of overhead. In theory to encrypt a G.711 frame
with AES256 should only add 0.5 kb/s to the actual bandwidth but the
authentication component is over and above that which is why SRTP adds
quite a bit more bandwidth.
The method we adopted only encrypts the payload (no authentication
component) of the RTP frame leaving the header intact, allowing it to be
handled by legacy equipment. We are able to get very efficient ciphering
with low latency with very low bandwidth increase.
Simon
More information about the Voipsec
mailing list