Aktivate SRTP on linphone desktop ubuntu

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Aktivate SRTP on linphone desktop ubuntu

Devhils19
Hello, I am new to using Linphone. Here I want to use the *SRTP media
encryption* feature in *linphone console on Ubuntu*. I know that activating
the feature is done through the *linphonerc configuration file*, but I am
having trouble finding good documentation about activating the SRTP feature
in the linphonerc file. Does anyone know or can provide complete
documentation on activating the SRTP feature on desktop linphone?

Does the use of SRTP require TLS activation in a linphone? I know that TLS
functions to secure signaling traffic so sending encryption keys will be
safer. But if I send via another mechanism, is this still necessary? For
example, in the Zoiper application on android, the use of SRTP is required
to activate TLS. When choosing SRTP encryption media, TLS will be activated
automatically. I didn't find this in linphone, SRTP activation does not
require TLS.  So is it true that SRTP is required to activate TLS on
linphone?

Best Regards,
Hilman



--
Sent from: http://nongnu.13855.n7.nabble.com/linphone-developers-f38648.html

_______________________________________________
Linphone-developers mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/linphone-developers
Reply | Threaded
Open this post in threaded view
|

Re: Aktivate SRTP on linphone desktop ubuntu

Peio Rigaux

Hello.

Actually, params of the Linphone configuration file are not documented yet...

We are working on it, but it will take some time to review all params.


The options you are looking for is

"

[sip]

media_encryption=srtp

"

SRTP doesn't require TLS and TLS doesn't require SRTP on Linphone.

I don't know what you mean by "Another mechanism". If you are speaking about UDP or TCP, yes, your can use SRTP with them, but it will be less safe, as you said.


Regards,

Peio Rigaux
Junior Software Engineer
Belledonne Communications, the company behind Linphone
Linphone.org

Le 16/04/2020 à 14:13, Devhils19 a écrit :
Hello, I am new to using Linphone. Here I want to use the *SRTP media
encryption* feature in *linphone console on Ubuntu*. I know that activating
the feature is done through the *linphonerc configuration file*, but I am
having trouble finding good documentation about activating the SRTP feature
in the linphonerc file. Does anyone know or can provide complete
documentation on activating the SRTP feature on desktop linphone?

Does the use of SRTP require TLS activation in a linphone? I know that TLS
functions to secure signaling traffic so sending encryption keys will be
safer. But if I send via another mechanism, is this still necessary? For
example, in the Zoiper application on android, the use of SRTP is required
to activate TLS. When choosing SRTP encryption media, TLS will be activated
automatically. I didn't find this in linphone, SRTP activation does not
require TLS.  So is it true that SRTP is required to activate TLS on
linphone?

Best Regards,
Hilman



--
Sent from: http://nongnu.13855.n7.nabble.com/linphone-developers-f38648.html

_______________________________________________
Linphone-developers mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/linphone-developers

_______________________________________________
Linphone-developers mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/linphone-developers

signature.asc (235 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Aktivate SRTP on linphone desktop ubuntu

Devhils19
thanks for the answer.
Now srtp on linphone is active. From the documentation I read, srtp uses two
encryption methods, AES and NullCipher, then how do I set the type of AES
encryption that I want to use and manage encryption with the Null Cipher?

Is it true that using the following parameters will enable the 128-bit AES
encryption method?

[sip]
srtp_crypto_suites = AES_CM_128_HMAC_SHA1_80, AES_CM_128_HMAC_SHA1_32


Hilman



--
Sent from: http://nongnu.13855.n7.nabble.com/linphone-developers-f38648.html

_______________________________________________
Linphone-developers mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/linphone-developers
Reply | Threaded
Open this post in threaded view
|

Re: Aktivate SRTP on linphone desktop ubuntu

Peio Rigaux

Hello.

I took a quick look at our rcfiles, and as far as I know there is no option to enable null cipher.

By the way, the null cipher is not performing any encryption!

Yes, using the parameter you provided will enable the 128-bit AES encryption method.

You can also use the 256-bit AES encryption method :

[sip]

srtp_crypto_suites=AES_CM_256_HMAC_SHA1_80,AES_CM_256_HMAC_SHA1_32


Regards,

Peio Rigaux
Junior Software Engineer
Belledonne Communications, the company behind Linphone
Linphone.org

Le 17/04/2020 à 08:21, Devhils19 a écrit :
thanks for the answer.
Now srtp on linphone is active. From the documentation I read, srtp uses two
encryption methods, AES and NullCipher, then how do I set the type of AES
encryption that I want to use and manage encryption with the Null Cipher?

Is it true that using the following parameters will enable the 128-bit AES
encryption method?

[sip]
srtp_crypto_suites = AES_CM_128_HMAC_SHA1_80, AES_CM_128_HMAC_SHA1_32


Hilman



--
Sent from: http://nongnu.13855.n7.nabble.com/linphone-developers-f38648.html

_______________________________________________
Linphone-developers mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/linphone-developers

_______________________________________________
Linphone-developers mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/linphone-developers

signature.asc (235 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Aktivate SRTP on linphone desktop ubuntu

Devhils19
Thank again for the answer.

I know that in srtp there are three things that are guaranteed, one of which
is the confidentiality of the data package that is guaranteed through the
encryption process. In SRTP, there is a Null Cipher that does not guarantee
the element of confidentiality, but does guarantee the other two elements.
Here I am trying to use srtp with my own encryption method, thus replacing
the AES encryption method which is the default. So I tried using the NULL
cipher feature to support the method I used.

Regards,
Hilman



--
Sent from: http://nongnu.13855.n7.nabble.com/linphone-developers-f38648.html

_______________________________________________
Linphone-developers mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/linphone-developers