Simson Garfinkel analyses Skype - Open Society Institute
Dan Kaminsky
dan at doxpara.com
Mon Feb 7 10:38:33 EST 2005
>Actually it's not that bad: using SIP, the RTP packets can be protected by
>SRTP (RFC3711, with an opensource implementation from Cisco at
>http://srtp.sourceforge.net/ )
>
SRTP...heh. Take a look at RFC3711 for a second.
"
Specification of a key management protocol for SRTP is out of scope
here. Section 8.2, however, provides guidance on the parameters that
need to be defined for the default and mandatory transforms.
"
VOIP KEX. *shudders* Voice is...unique. Session redirection is a
first class function, as is active proxying, up to and including proxies
that are payload-destructive (conference stream mixing). KEX in such an
environment is a really painful problem, compared to the relatively
solvable one of specifying a loss-tolerant encryption protocol. So,
they only solved the latter, and figured something would come along for
the former.
Didn't really happen.
(Full Disclosure: I work for Avaya, who's had a proprietary KEX
implementation that handles all of this for the last few years. So it's
not an unsolvable problem or anything like that. It's just really
annoyingly hard.)
--Dan
---------------------------------------------------------------------
The Cryptography Mailing List