SIP eavesdropping/security

For SIP:

Is there a secure version?

Can SIP calls be eavesdropped by someone else on the LAN or internet??

Is there an encrypted version?

Thanks, Martin

Reply to
Martin 53N 1W

There are two parts in SIP: The control channel (SIP) and the signal itself (RTP).

For RTP: SRTP

See e.g.:

formatting link

Reply to
Kurt Jaeger

There is sRTP for the media stream.

Yes, provided you have access to the data. Ethereal can capture, decode and manipulate the media.

See IETF web site for sRTP.

Reply to
Steve Blair

Yes, it can be EASILY eavesdropped. To see how, download the latest Ethereal - you can actually export the audio of a capture to an ".au" file and play it back, email it to friends to laugh at, etc.

Reply to
T. Sean Weintz
[...]

Thanks.

So, unencrypted SIP calls are easily eavesdropped if the link is accessible... (See Ethereal.)

Do the commercial VoIP providers encrypt the signal traffic?

Or are all your VoIP internet calls 'out in the open'?

Regards, Martin

Reply to
Martin 53N 1W

Don't think so.

Some of the IP PBX manufacturers support encryption (e.g. Avaya, Cisco, maybe Mitel), but I don't think there are any mature standards for this, and little interoperability between equipment types.

Sort of - but they could only be intercepted if the "bad guy" had access to a link on the route between the 2 end points - exactly the same as for a TDM / ISDN / "normal" phone call.

This may be similar to the arguments about just how useful HTTPS is in practice - I haven't come across any documented instances where a credit card number or other info is disclosed by snooping on a conversation between end points - it is much easier to break into the client PC or web server and get at the data there.

Reply to
stephen

[...]

Hence the weakest and most vulnerable parts are at each end on the local LANs... (Assuming that we can 'trust' our telcos.)

Thanks, good answer.

Regards, Martin

Reply to
Martin 53N 1W

If you want hardware with SRTP support, look at the SIPURA SPA-2000.

For UK/EU -

formatting link
For USA -
formatting link

Reply to
James Body

So you are saying that one's ISP or LAN admin can easily eavesdrop on all SIP calls, even if the SIP network one uses employs MD5 and MD5-sess for DIGEST authentication and encryption?

In other words, do they not have to crack MD5 and MD5-sess before they can eavesdrop?

Also, when a SIP network says they support MD5 and MD5-sess for DIGEST authentication and encryption, does this mean that they are encrypting every word of every conversation, or just the authentication process?

Thanks in advance!

Roddaman

Reply to
Roddaman
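
Added example, not part of any post in this thread: the thread separates the SIP control channel from the RTP media stream, and SIP digest authentication (MD5 or MD5-sess) only authenticates requests, so whether a call is encrypted has to be read from the Via transport and the SDP media profile. This Python sketch audits one SIP message for both; the two INVITE messages, the `audit_invite` name and the key placeholder are constructed for illustration.

```python
import re

# Constructed sample: INVITE with digest credentials, sent over UDP, offering plain RTP.
PLAIN_INVITE = "\r\n".join([
    "INVITE sip:bob@example.com SIP/2.0",
    "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bKconstructed",
    'Authorization: Digest username="alice", realm="example.com", algorithm=MD5,'
    ' nonce="constructed", uri="sip:bob@example.com", response="' + "0" * 32 + '"',
    "Content-Type: application/sdp",
    "",
    "v=0", "o=alice 1 1 IN IP4 192.0.2.10", "s=-", "c=IN IP4 192.0.2.10", "t=0 0",
    "m=audio 49170 RTP/AVP 0", "",
])
# Constructed variant: same call over TLS, offering SRTP keyed by an SDP crypto attribute.
SRTP_INVITE = (PLAIN_INVITE.replace("SIP/2.0/UDP", "SIP/2.0/TLS")
               .replace("RTP/AVP", "RTP/SAVP")
               + "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:CONSTRUCTED-KEY-PLACEHOLDER\r\n")


def audit_invite(raw):
    """Report how the signalling and each media stream of one SIP message are protected."""
    head, _, sdp = raw.partition("\r\n\r\n")
    headers = head.split("\r\n")[1:]  # skip the request line
    # The topmost Via only describes the hop on which this message was captured.
    via = next((h for h in headers if h.lower().startswith("via:")), "")
    hop = re.search(r"SIP/2\.0/(\w+)", via)
    transport = hop.group(1).upper() if hop else "UNKNOWN"
    report = {
        "transport": transport,
        "signalling_encrypted": transport == "TLS",
        # Digest proves identity to the server; it does not encrypt anything.
        "digest_auth": any(re.match(r"(proxy-)?authorization:\s*digest\b", h, re.I)
                           for h in headers),
        "media": [],
    }
    for line in sdp.split("\r\n"):
        if line.startswith("m="):
            kind, _port, profile = line[2:].split()[:3]
            report["media"].append({"kind": kind, "profile": profile,
                                    "srtp": "SAVP" in profile, "sdes_key": False})
        elif line.startswith("a=crypto:") and report["media"]:
            report["media"][-1]["sdes_key"] = True
    # An SRTP key carried in SDP stays secret only if the signalling itself is encrypted.
    report["key_exposed"] = (not report["signalling_encrypted"]
                             and any(m["sdes_key"] for m in report["media"]))
    return report
```

A message that offers SRTP with an `a=crypto` key over UDP or TCP is reported with `key_exposed` set, because anyone who can capture the signalling can read the media key.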
