Encrypting voice traffic
The team's adventures with encrypting VoIP traffic produced one of those good news/bad news stories. On the plus side, the team found very good interoperability among multiple vendors' IP phones, proxies, and security gateways. In fact, team member Craig Watkins of Transcend says the team encountered "no reproducible problems" with the secure real-time transport protocol (SRTP), which adds encryption, message authentication, and integrity checking for voice and video traffic.
The vendors contributing to the successful SRTP interoperability demo included AudioCodes, Avaya (both for PBXs and phones), CounterPath, Grandstream, Ingate, and Snom. The team also used the open-source Asterisk PBX and SER SIP proxy.
On the downside, SRTP encrypts only media flows, not signaling traffic. Further, it doesn't describe a method for exchanging the keys needed to set up an authenticated and encrypted session.
The team used the SDP security descriptions (SDES) method for key exchange because it's simple and available today on a variety of equipment. However, the IETF is likely to standardize different key exchange methods because of issues with SDES, some of which the team wrestled with at hotstage. For example, since SDES carries the sensitive SRTP keys inside the signaling used to set up the encrypted channel, the key exchange itself needs to be encrypted. The iLabs team's workaround was to use SER, an open-source SIP proxy, as a front end to Asterisk, together with a heavily patched version of Asterisk to handle SRTP.
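To make the SDES caveat concrete, the following added example (not code from the article, the iLabs team, or any of the vendors named) parses the RFC 4568 `a=crypto:` attribute that SDES places in the SDP body of a SIP message, performs the answerer's suite selection, and flags an offer whose master key would travel in cleartext because the SIP transport is not TLS. The SDP body, the key bytes, and the function names are constructed for illustration.

```python
"""Parse and audit SDP security descriptions (SDES, RFC 4568) crypto attributes."""
import base64
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Master key and master salt lengths in bytes for the SRTP crypto suites of RFC 4568.
SUITE_KEY_LEN = {
    "AES_CM_128_HMAC_SHA1_80": (16, 14),
    "AES_CM_128_HMAC_SHA1_32": (16, 14),
    "F8_128_HMAC_SHA1_80": (16, 14),
}

# SIP transports that encrypt the signaling hop (and so the inline SDES key).
SECURE_SIP_TRANSPORTS = {"tls", "sips"}


@dataclass
class CryptoAttr:
    tag: int
    suite: str
    master_key: bytes
    master_salt: bytes
    lifetime: Optional[str]
    mki: Optional[str]
    session_params: List[str] = field(default_factory=list)


def parse_crypto(line: str) -> CryptoAttr:
    """Parse 'a=crypto:<tag> <suite> inline:<b64 key||salt>[|lifetime][|MKI:len] [params]'."""
    if not line.startswith("a=crypto:"):
        raise ValueError("not a crypto attribute")
    parts = line[len("a=crypto:"):].split()
    if len(parts) < 3:
        raise ValueError("malformed crypto attribute")
    tag, suite, key_params = int(parts[0]), parts[1], parts[2]
    if suite not in SUITE_KEY_LEN:
        raise ValueError(f"unknown crypto suite {suite}")
    if not key_params.startswith("inline:"):
        raise ValueError("only the inline key method is defined by RFC 4568")
    fields = key_params[len("inline:"):].split("|")
    # Some stacks omit base64 padding; restore it before decoding.
    b64 = fields[0] + "=" * (-len(fields[0]) % 4)
    key_salt = base64.b64decode(b64, validate=True)
    key_len, salt_len = SUITE_KEY_LEN[suite]
    if len(key_salt) != key_len + salt_len:
        raise ValueError(f"expected {key_len + salt_len} bytes of key||salt, got {len(key_salt)}")
    lifetime = mki = None
    for f in fields[1:]:
        if ":" in f:
            mki = f          # "<mki value>:<mki length>"
        else:
            lifetime = f     # e.g. "2^20" packets
    return CryptoAttr(tag, suite, key_salt[:key_len], key_salt[key_len:], lifetime, mki, parts[3:])


def crypto_attrs(sdp: str) -> List[CryptoAttr]:
    """Collect every a=crypto line of an SDP body, in offer order."""
    return [parse_crypto(l.strip()) for l in sdp.splitlines() if l.startswith("a=crypto:")]


def choose_suite(offer: List[CryptoAttr], supported: Tuple[str, ...]) -> Optional[CryptoAttr]:
    """Answerer side of the RFC 4568 offer/answer: accept the first offered line we support."""
    for attr in offer:
        if attr.suite in supported:
            return attr
    return None


def audit_sdes_offer(sdp: str, sip_transport: str) -> List[str]:
    """Return findings a defender would want before accepting an SDES offer."""
    findings = []
    attrs = crypto_attrs(sdp)
    if attrs and "RTP/SAVP" not in sdp:
        findings.append("crypto attribute present but media profile is not RTP/SAVP")
    if attrs and sip_transport.lower() not in SECURE_SIP_TRANSPORTS:
        findings.append(f"SRTP master key sent in cleartext over SIP/{sip_transport.upper()}")
    for a in attrs:
        if a.suite.endswith("SHA1_32"):
            findings.append(f"tag {a.tag}: truncated 32-bit authentication tag offered")
    return findings


def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode()


# Constructed SDP offer: two SDES lines with deterministic (non-secret) key material.
SAMPLE_SDP = (
    "v=0\r\n"
    "o=- 1 1 IN IP4 192.0.2.10\r\n"
    "s=-\r\n"
    "c=IN IP4 192.0.2.10\r\n"
    "t=0 0\r\n"
    "m=audio 49170 RTP/SAVP 0\r\n"
    f"a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:{_b64(bytes(range(30)))}|2^20|1:4\r\n"
    f"a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:{_b64(bytes(range(30, 60)))}|2^20\r\n"
)

if __name__ == "__main__":
    for transport in ("udp", "tls"):
        print(transport, audit_sdes_offer(SAMPLE_SDP, transport))
```

Running the block prints the findings for the same offer carried over UDP and over TLS; only the TLS case leaves the inline master key protected, which is the reason the team fronted Asterisk with a SIP proxy that could terminate encrypted signaling.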
In building these demos, the iLabs team looked like regulars on the Mythbusters TV show, moving from small proof-of-concept models to full-blown tests. Unlike the television show, nothing blew up -- but in the course of its work the team did demonstrate that building scalable, secure VoIP networks is no myth.
Newman is president of Network Test, an independent test lab in Westlake Village, California. He can be reached at dnewman@networktest.com.