how to Improve security in minisip?
Werner Dittmann
Werner.Dittmann at t-online.de
Fri May 18 14:43:00 CEST 2007
Cesc,
well, it's actually a bit more complicated then just using DTLS
and then, all of a sudden, have a secure SIP or secure RTP with DTLS.
For example:
- DTLS adds some overhead to the protocol and this would impact RTP
as real-Time protocol and would use bandwidth, thus SRTP would be
better.
- Using DTLS for SIP could work, however TLS (and thus DTLS) works
best in a cleint/server environment where the client checks the
server's certificate. SIP is a peer-to-peer protocol, the SIP proxies
are just proxies - it's just not enough to check a proxy's certificate,
the other peer's certificate is the interessting part.
As Bruce Schneier says: security is not just a protocol, it's process and
one need to look at the complete picture.
Regards,
Werner
Cesc wrote:
> Werner,
>
> I scanned through it and it looks worth reading.
>
> As for the discussion, DTLS vs ZRTP vs Mikey ... well, without being
> too much involved and having not too much to back my case up, DTLS
> looks promising, as one same protocol (implementation) may help solve
> most of the problems ...
> - secure SIP UDP over DTLS
> - secure RTP with DTLS
> But as I am a strong believer that the one-fits-all does not exist or
> is not possible in IETF ... so be it, we'll have to make do with all
> three and let the user pick :)
>
> Cesc
>
> On 5/18/07, Werner Dittmann <Werner.Dittmann at t-online.de> wrote:
>> Cesc,
>>
>> here the missing link :-) :
>>
>> <http://www.fsfe.org/en/content/download/32472/201002/file/KeyNegotiationOverRTP.pdf>
>>
>> Regards,
>> Werner
>>
>>
>> Cesc wrote:
>>> Hi Werner,
>>>
>>> Great info.
>>> Actually I just follow lightly the rtpsec group, so I missed your last remarks.
>>>
>>> As to what is good for minisip ... well, it gets a bit difficult, because having
>>> Mikey ... and ZRTP already implemented ... adding DTLS just adds to
>>> the complexity.
>>> But I think that this is one of the reasons of minisip, to experiment
>>> and give options.
>>>
>>> Regards,
>>>
>>> Cesc
>>> PS - I think the link to the DTLS-attacks document is missing :)
>>>
>>> On 5/17/07, Werner Dittmann <Werner.Dittmann at t-online.de> wrote:
>>>> Hi Cesc, all,
>>>>
>>>> regarding DTLS/SRTP I was activly involved in the rtpsec discussions.
>>>>
>>>> The statement "ZRTP violates layer separation" is no longer true
>>>> with the latest specification of ZRTP - it is not an protocol on its
>>>> own and that uses the same RTP connection (multiplexing) similar to
>>>> DTLS which is also using the same RTP connection.
>>>>
>>>> Here a link to d PDF doc that show some attacks to DTLS/SRTP (this
>>>> is a document under construction, some chapters are missing). The
>>>> attack I describe in the document was confirmed by some peer
>>>> reviews.
>>>>
>>>> Just a few days ago I finished the implementation of ZRTP Version 3
>>>> and I'm looking into the build process of minisip (again) to have
>>>> a better separation, i.e. have the ZRTP library independent of minisp
>>>> and provide only the minisip dependent glue code inside the minisip
>>>> project. Of course the ZRTP lib is GPL :-) and will be available.
>>>>
>>>> Regards,
>>>> Werner
>>>>
<SNIP> ---- <SNAP>
More information about the Minisip-devel
mailing list