9

As part of a large organization looking to implement VoIP, to get on the bandwagon of savings and converged network focus, I'm being asked to look at the security concerns to develop a policy to help define a direction.

Since I'm a geek first, and a security person second I started immediately down the road of "What is currently possible" when it comes to securing VoIP. I've implemented VoIP at other organizations in the past few years, and I'm familiar with vanilla MGCP and SIP as call control mechanisms. But from what I'm aware (and what the NIST so handily reminded me with their publication on VOIP security) is that in terms of a secure implementation there are very few options.

MGCP is not built for security, it performs call handling and does that job well. If you were to put an MGCP interface open to a large audience it could be used to perform anything from toll fraud to silent monitor setups, depending on what features your system supports.

SIPs on the other hand allows for authentication and encrypted call handling with TLS (aka SIPS.) I've heard Cisco implements MGCP and SRTP to give you an encrypted conversation, but since MGCP itself isn't secure it seems to break the trust model and requires an IPSec secured channel to facilitate this over the wider network securely.

I guess ultimately my question is: Is there really an option beyond SIPS and SRTP that provides end to end secure authentication, maintains integrity, and confidentiality or should I just write the policy to such that ultimately it will specifically require these technologies?

The environment requirements include anything from a mixed desktop environment in a relatively secure environment to a work at home scenario for the end users. Ideally one specification should be used to define the "minimum" required for all.

AviD
  • 72,708
  • 22
  • 137
  • 218
Ori
  • 2,757
  • 1
  • 15
  • 29

2 Answers2

4

TLS doesn't provide end to end security in SIP, because of the routing architecture.

SIP messages are transmitted from the user agent through SIP routers, and TLS encryption only happens between user agent and routers and between routers.

You could use S/MIME to encrypt and/or sign parts of the SIP messages from one user agent to an other.

For media streams protection, SRTP and ZRTP are fine.

Géal
  • 156
  • 2
  • welcome to the site, and thanks for the great answer! – AviD Jun 09 '11 at 20:36
  • I was hoping not to recommend a scenario that requires PKI, but it seems inevitable. S/MIME can do the job, and in digging I think you're on the money. – Ori Jun 10 '11 at 03:38
  • There is a lot of research around using IBE (identity based encryption) to simplify key management in VoIP. It would be a good idea to investigate these solutions. – Géal Jun 10 '11 at 12:34
2

SIP is an interesting beast to deal with, simply because there is a lot of people who offer SIP solutions that have a lot of differences under the hood.

In terms of SIP security, you have two options that I've seen deployed SRTP, ZRTP. ZRTP is supposed to be an improvement on top of SRTP, so it should be preferred. Since it is a DH key exchange, you could in theory have an internal CA that would generate certificates that all the employees would be using.

I don't know anything about SIPS, but it sounds like you have all the advantages of TLS, so that could be a good answer. What I said about an internal cA would apply here as well.

You could have a look at Jitsi, which is probably the SIP client with the most features you are looking for.

malaverdiere
  • 121
  • 2
  • Doesn't ZRTP only deal with key exchange for the SRTP encryption of the endpoints? – Ori Jun 08 '11 at 08:06