[VOIPSEC] Voipsec Digest, Vol 8, Issue 26

Randell Jesup rjesup at wgate.com
Thu Sep 15 17:52:55 CDT 2005 

Albert <caruabertu at gmail.com> writes:
>The gist of this interesting chain seems to be that the VOIP regulatory 
>bodies must agree on a common set of encryption requirements, however bad, 
>to get VOIP started
>
>WIFI started out with WEP and that, while portable and cell-phones may use 
>encrypted communication to the nearest base station, to my knowledge it is 
>not compulsory everywhere 
>Further, the encryption protocols and algorithms used for DECT and GSM do 
>not appear to be too strong either.
>
>Am I being too optimistic of the capabilities of the engineers designing 
>VOIP security? ...

        VoIP is more susceptible to MiTM and sniffing attacks than
cellphones - and the lack of encryption on cells and older portables was 
a real problem.  Plus the public is more wary of insecure things on the
internet than "wireless" devices.

        If we don't get it right, either it won't happen at all, or it will
happen badly.  Both have significant negative effects.

>my EURO0,02 re the delay for key negotiation
>
>I think that a 2-3 second delay in *setting up* a call is perfectly 
>acceptable seeing the usual time it takes to establish any phone connection. 
>In my mind it is analogous to the security checks at the airport before 
>boarding the plane.

        That analogy will send users screaming in the other direction.
"Security checks at airport" == "ridiculously tedious".

        This is actually a serious degradation in what most people consider
normal operation.  Yes, cellphones _can_ take seconds to set up a call.
People tolerate this, they don't like it.  They make jokes about
cell phone quality, etc for a reason.

        Also realize this is 2-3 seconds after hitting Talk (or picking up
the phone, or whatever).  This isn't setup delay, it's answer delay.

>I do not imagine voip suppliers to be so naive as to wait for the next key 
>negotiation to be overdue before starting to calculate what is needed if 
>periodic key changes are required to maintain a link.

        SRTP keys in a VoIP channel effectively never *need* rekeying.
It's 2^31 RTCP packets or 2^48 RTP packets between rekeyings.  Not to
say you can't rekey sooner, but there's little or no added security so
far as I can tell.  (And maybe less in some instances.)

-- 
Randell Jesup, Worldgate (developers of the Ojo videophone), ex-Amiga OS team
rjesup at wgate.com

More information about the Voipsec mailing list