[VOIPSEC] What methods of encrypting SIP signaling are out there other than TLS encryption?

Fri Aug 17 07:51:07 CDT 2007

I have recently study IAX2 ciphering, and I’m asking: why don’t make a softphone who be able to support IAX2 encryptions, and authentications specifications? The IAX2 ciphering process appears to be ok (I’am wrong?), so, why not develop a safe client? It will provide a better privacy for communications, with IAX2 advantage (like NAT and Firewall traversal). Moreover the required bandwidth is less than SIPs or other protocols.
I’ am looking to your responses.
Melvin.> From: gkheterpal at ismartpanache.com> To: dan_york at Mitel.com; voipsec at voipsa.org> Date: Fri, 17 Aug 2007 12:21:55 +0530> Subject: Re: [VOIPSEC] What methods of encrypting SIP signaling are out there *other than* TLS encryption?> > Dan,> > You can take a look at minisip (www.minisip.org). It is one of the most> advanced open source UAC in terms of security aspects (including encryption,> authentication etc) for signaling as well as media. > > I believe SIPS over TLS is the de-facto standard for signaling encryption in> SIP world. Then there's DTLS (RFC 4347) which is available as part of> OpenSSL library. There was a proposal to use DTLS ( Secure SIP UDP over> DTLS) in Minisip but I'm not sure whether it ever got implemented.> > You might also want to take a look at interesting thesis -> http://www.minisip.org/publications/ErikEliasson_LicentiateThesis.pdf> > which suggests an approach to combine S/MIME, SDES & MIKEY to encrypt> signaling, session description & payload.> > Regards,> Gaurav> > > > -----Original Message-----> > From: voipsec-bounces at voipsa.org [mailto:voipsec-bounces at voipsa.org] On> > Behalf Of dan_york at Mitel.com> > Sent: Friday, August 17, 2007 6:38 AM> > To: voipsec at voipsa.org> > Subject: [VOIPSEC] What methods of encrypting SIP signaling are out there> > *other than* TLS encryption?> > > > VOIPSEC readers,> > > > Question for the list... someone recently asked me if there were methods> > of encrypting SIP *other than* TLS-encryption (SIPS) in common usage?> > > > I pondered that for a bit but I couldn't honestly think of any other> > implementations that I have heard about recently (in the open standard> > world - there are of course always proprietary encryption schemes). I> > recall some people doing some work with S/MIME-encrypted SIP, but I don't> > remember that going anywhere (am I wrong?). All the vendors, SBCs,> > firewalls, etc. that I could think of use TLS-encrypted SIP as the method> > of securing SIP signaling. (Well, okay, I do remember hearing of someone> > nailing up an IPSec VPN between the set and the IP-PBX and routing all SIP> > and voice over the IPSec VPN, but for me IPSec seems a wee bit too> > heavyweight.)> > > > Are there other SIP encryption mechanisms out there that I'm forgetting?> > > > Note that I am talking about *SIP* signaling encryption and NOT about SRTP> > encryption. I'm well aware of all of the various SRTP encryption> > mechanisms.> > > > Thanks,> > Dan> > > > --> > Dan York, CISSP> > Dir of IP Technology, Office of the CTO> > Mitel http://www.mitel.com> > dan_york at mitel.com +1-613-592-2122> > PGP key (F7E3C3B4) available for> > secure communication> > > > _______________________________________________> > Voipsec mailing list> > Voipsec at voipsa.org> > http://voipsa.org/mailman/listinfo/voipsec_voipsa.org> > > _______________________________________________> Voipsec mailing list> Voipsec at voipsa.org> http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
_________________________________________________________________
Besoin d'un e-mail ? Créez gratuitement un compte Windows Live Hotmail et gagnez du temps avec l'interface à la Outlook !
http://www.windowslive.fr/hotmail/default.asp