[VOIPSEC] Why a secure key exchange for media encryption?

Weidong Shao weidongshao at gmail.com
Fri Apr 28 02:55:59 CDT 2006


You have a point here. It is nice to have encrypted signalling and then the
media key can simply be sent over the signaling channel.

But encrypted signaling is problematic with firewalls or ALGs (which are
often necessary for NAT rewrite), and if there are multiple hops in the
signaling path, you then need to have hop-by-hop signaling encryption. Then,
the question is, how do you manage key management for each segment of
the signaling path?

Weidong

On 4/28/06, Michael Prochaska <tm021090 at fh-stpoelten.ac.at> wrote:
>
> hi,
> i'm a student and am working on my diploma thesis (VOIP security with
> open standards) at the moment.
>
> i know the question is a little bit provocative.
>
> in my eyes there are the following vulnerabilities / problems for
> signaling:
>
> - SPIT
> - unauthorised use of account
> - identity forgery
> - session hijacking
> - loss of anonymity
> - replay
>
> and the following vulnerabilities for the media stream:
>
> - replay
> - eavesdropping
>
> any additions are welcome :-)
>
>
> the outcome of this is that the signaling is "the bigger" problem.
>
> in which situations it might be useful to encrypt and authorize only
> the mediastream? i think the goal must be a secure signaling. when i
> have a secure signaling, why not exchange the key plain over the
> signaling channel?
>
> any comments are very welcome!
>
> best regards,
> michael
>
> _______________________________________________
> Voipsec mailing list
> Voipsec at voipsa.org
> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>


