SRTP encryption, mandatory, not enforced?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

SRTP encryption, mandatory, not enforced?

Michael Williamson-2
My SIP provider, Callcentric, insists they have not enabled SRTP encryption on their servers, yet when I enable the option on my Linphone 3.6.1 (on Fedora 32, distro-maintained) and select "mandatory" it still works and appears to be encrypting the call to their server. Either they are mistaken and are accepting encrypted calls, or the "mandatory" option is being ignored by Linphone and the communication between Linphone and Callcentric's server is unencrypted.

If it is latter case, this would be giving a false sense of security to Linphone users who might have unencrypted calls otherwise displayed as encrypted. The entire time I had encryption enabled, I'd get the "Secured by SRTP" note displayed on my Linphone softphone.

A concerned Linphone user,
Michael S. Williamson

_______________________________________________
Linphone-developers mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/linphone-developers
Reply | Threaded
Open this post in threaded view
|

Re: SRTP encryption, mandatory, not enforced?

Dmitry Alexandrov-2
Michael Williamson <[hidden email]> wrote:
> My SIP provider, Callcentric, insists they have not enabled SRTP encryption on their servers

SRTP proper does not require any support from a SIP server.  If fact, it does not require a SIP server at all.

> yet when I enable the option on my Linphone 3.6.1 (on Fedora 32, distro-maintained) and select "mandatory" it still works and appears to be encrypting the call to their server.

On the other hand, if I recall correctly, what is called ‘SRTP’ in Linphone UI and is opposed to DTLS and ZRTP there is _SDES_ — the SIP-specific protocol for negotiating SRTP session.  It was chronologically the first protocol used with SRTP, hence the conflation, despite that ZRTP (in general) and DTLS (in this context) are also protocols for using with SRTP.

SDES at least does require a SIP server.  But again, there is nothing to be specifically ‘enabled’ on it, given that it is a standard-conforming server, that bounces whatever message is sent by a client.

Compare it with PGP in this respect (below Iʼll try to explain why in other respects the analogy with PGP is faulty).  You do not ask you mail provider, whether they ‘enabled’ PGP encryption on their servers, do not you?  Itʼs completely up to you¹ and your correspondents to choose good MUAs that have support for encrypted mail.

Well, as we have learned in recent years, itʼs perfectly possible, that a hostile mail provider (such as protonmail.com) will take certain steps to prevent you from sending GPG-encrypted mail, nevertheless: an action required to impede, not the other way round.

Since (I hope) your Callcentric is not Protonmail and you both have chosen good software, encryption just works!  But read below for caveats.

> Either they are mistaken and are accepting encrypted calls or the "mandatory" option is being ignored by Linphone and the communication between Linphone and Callcentric's server is unencrypted.

Whether the connection between you and a SIP server is encrypted and whether SRTP is used — these are two different questions!

SRTP is ‘Secured RTP’, and RTP is a protocol for a connection, where the huge traffic (audio, video, etc) flows.  Ideally, (S)RTP stream is direct from you to your correspondent.  If you both are behind unpassable NAT, though, it may be routed via a TURN relay provided by your SIP provider (normally) or yet another third party (why not?), and whether the connection to it is encrypted is the third question.  In fact, when RTP stream is already encrypted, there is not much left to hide, so, I guess, TURN relays mostly accept cleartext.

And the SIP connection is indeed established from you to your provider, your provider connects to the provider of the other party, and her provider connects her.  And the each of these three connections may (and ideally should) be encrypted by the usual TLS.  Compare it with SMTP.

> If it is latter case, this would be giving a false sense of security

Yes, it does give a false sense of security.  A user might think, that SDES+SRTP is a proper _end-to-end_ encryption like PGP, while itʼs not: a _symmetric_ cipher is negotiated through SIP server (two of them), thus SDES does not provide any secrecy against the owners of these servers (i. e. SIP providers), if they manage to intercept the ciphered RTP stream, e. g. by directing it via their TURN relay.  If the connection to a SIP server is cleartext, then there is no secrecy against an ISP.  The same applies to both parties.

Conclusion: whenever possible use ZRTP, which is an protocol for end-to-end encryption.

> A concerned Linphone user,
> Michael S. Williamson

Just a passer-by,
Dmitry Alexandrov.

Do not rely on my scribble much.


-
¹ By the way, why I cannot find you PGP key?  Itʼs not attached to your message per Autocrypt, neither published on open key-network represented by keyserver.ubuntu.com, nor on proprietary keys.openpgp.org and keys.mailvelope.com?  Is this a throwaway address for public mailing lists?  Or do not you use GPG?  If the latter, why?

_______________________________________________
Linphone-developers mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/linphone-developers

signature.asc (253 bytes) Download Attachment