[16831] in cryptography@c2.net mail archive


Re: Simson Garfinkel analyses Skype - Open Society Institute

daemon@ATHENA.MIT.EDU (Dan Kaminsky)
Mon Feb 7 17:40:00 2005

X-Original-To: cryptography@metzdowd.com
Date: Mon, 07 Feb 2005 10:38:33 -0500
From: Dan Kaminsky <dan@doxpara.com>
To: Enzo Michelangeli <em@em.no-ip.com>
Cc: cryptography@metzdowd.com
In-Reply-To: <052801c50cb1$72c3b3a0$0200a8c0@em.noip.com>


>Actually it's not that bad: using SIP, the RTP packets can be protected by
>SRTP (RFC3711, with an opensource implementation from Cisco at
>http://srtp.sourceforge.net/ )
>
SRTP...heh.  Take a look at RFC3711 for a second.

"

   Specification of a key management protocol for SRTP is out of scope
   here.  Section 8.2, however, provides guidance on the parameters that
   need to be defined for the default and mandatory transforms.

"
VOIP KEX.  *shudders*  Voice is...unique.  Session redirection is a 
first class function, as is active proxying, up to and including proxies 
that are payload-destructive (conference stream mixing).  KEX in such an 
environment is a really painful problem, compared to the relatively 
solvable one of specifying a loss-tolerant encryption protocol.  So, 
they only solved the latter, and figured something would come along for 
the former.

Didn't really happen.

(Full Disclosure:  I work for Avaya, which has had a proprietary KEX 
implementation that handles all of this for the last few years.  So it's 
not an unsolvable problem or anything like that.  It's just really 
annoyingly hard.)

--Dan


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
