Secure VoIP, an Achievable Goal

An anonymous reader writes "ITO is running a comprehensive article on VoIP security issues and how one can protect against them: "VoIP creates new ways of delivering fully-featured phone services that promise big cost savings and open the way for a whole new range of multimedia communication services. After years of 'will it, won't it' speculation and unfulfilled predictions of universal adoption, Gartner is now positioning VoIP firmly on its way to the 'plateau of productivity' on its widely-respected technology hype cycle. But questions about its security and reliability persist.""

Re:I'd like to be able to hear the pin drop first.

[Billosaur]

I love the features and I want them to keep coming, but I'd like to see the audio quality improve too!

I'm more interested in the security aspect. Cell phones used to be atrociously noisy but the technology rapidly evolved to where, when your call isn't being inconveniently dropped, you can hold a conversation that's pretty clear. It will take VoIP a while, but in the end the audio quality will match what the phone company offers now. I just hope the prices don't start to balloon shortly thereafter.

Secure VoIP is easy

[jonwil]

When you make a call to another VoIP user (e.g. vonage to vonage), the entire call would be encrypted end-to-end with keys known only to the clients at either end.
The vonage server in that case would only exist to do call setup, teardown and control etc.
If you are making a call to a PSTN user, its encrypted all the way from you to the PSTN connection link server again with keys known only to both ends.

I am sure there are ways to handle secure key exchange and such to make this actually work (and ways that dont require the user to know anything about how to create keys and other things)
And there are encryption algorithims good enough to use for real-time encryption of compressed voice data.

With this idea, no-one between the 2 points can listen to the phonecall. (other than what can normally be done on the PSTN side of the PSTN linkup if it is a PSTN call)

My Problem With VoIP

[IflyRC]

I checked into getting it a year or so ago and just couldn't see the rationality in it. I have a DSL line because I hated my cable company - even to the point of switching to satellite tv.

Granted, I hate the phone company too so I was going to check into a VoIP solution just so I didn't have to pay the phone company "as" much as I currently did. So, the problem is - phone companies do not offer a data only DSL package. To even get DSL you have to have full phone package.

So, my choices...go back to the cable company. Nope!
Add $24.95 a month or so to an existing phone package just so I can run VoIP on my home DSL line. Nope!
Stick with what I have - which is what I did.

What are the current problems with VOIP security?

[Anonymous Coward]

I know that VoiP hacks are the holy grail right now in the script kiddie circles. I'm not aware of any though. It's misleading to suggest that it's "insecure" at the moment. We can bang it up a notch though, TLS all the way through would be a nice plus.

Now the reliability aspect is something else and it does need to be addressed, when people pick up a phone they expect and sometimes depend on it working. When they dial 911, they expect help to get to the right address. The building can be on fire and so long as there is a copper pair, your analog phone might get the job done.

Hmmm

[cyp43r]

Although,admittedly, I don't know much about VOiP, surely monitoring a dedicated landline would be much easier then trying to pick out the signals in the spare network traffic. As pointed out earlier, it is nearly always encrypted...what will happen next? Products to lockdown telephones? I'd like an encrypter on my landline personally.

VoIP crypto with Diffie-Hellman?

[jkeychan]

Just curious, but if we're talking about key exchanges over an insecure medium, why can't we do a Diffie-Hellman key exchange, similar to what is used for IPSec tunnel negotiation? It seems like VoIP devices could establish tunnels to remote endpoints via GRE and/or IPSec and pass their H.xxx protocol data over that tunnel. Is this not technically possible, or is it possible, just not scalable/cost effective?

Re:I'd like to be able to hear the pin drop first.

[DarthBart]

You have to draw a distinction between "voip" and "voip over the Internet". VOIP over the internet will almost never reach full toll quality all the time, simply due to the dynamic nature of the public internet (variable delay, packet loss, jitter, all that happy horsestuff).

I run an Asterisk-based switch for all the company PBX traffic as well as a separate one for our VSAT satellite customers. We have full control over all aspects of the network and we have our own PSTN termination circuits, so there has never been an issue with quality.

Voip is HUGE and these are very minor hangups

[Tepshen]

Alot of the issues mentioned in this article are worked out for everyday use. I work for a company that bids on and installs VOIP systems for large business's and the reason its getting so big is that switching from a legacy system to a VOIP system nearly PROMISES a 20% reduction in communication costs. We put together a package for FSU that saved them about 40-50% over the system they had been using. the biggest problem the VOIP market faces these days is disbelief from controllers regarding the potential savings. they just dont think its possible.

Re:VoIP crypto with Diffie-Hellman?

[Waveguide04]

A number of approaches can use DH. http://www3.ietf.org/proceedings/06mar/slides/raia rea-1/raiarea-1.ppt [ietf.org] The tunneling aspect is not so straight forward with voip since the signalling and bearer channels are not necessarily going to the same place. Another challenge with VoIP encryption is how to deal with non point-to-point streams, ie. conference calls. The device doing the audio/video bridging needs to maintain key pairs with all connected participants which in itself isnt all that bad, but from a users perspective all you know is that you have a secure session to the bridge, you do not know who else the bridge has sessions with and if it is (intentionaly or not) leaking your audio to someplace it shouldnt be.