
Re: [Linphone-developers] Question when using media encryption on linpho


From: Greg Troxel
Subject: Re: [Linphone-developers] Question when using media encryption on linphone android
Date: Fri, 10 Apr 2020 10:10:35 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (berkeley-unix)

David Santiago <address@hidden> writes:

> I just noticed that when I have set the option mandatory media
> encryption[1] and I call address@hidden, the call is

> [1] - Settings Call -> media encryption -> ZRTP and media encryption
> mandatory set to true.

(This is the key point, so I rescued it from the footnote!)

> established, but I don't have any sound (I don't hear anything). If I
> finish the call and disable the media encryption and then I call back, I
> will get sound.

I am not surprised.  ZRTP does key exchange and then encryption within
the media stream.  This is great because it works e2e despite the media
being perhaps carried by intermediate SIP routers or NAT proxies (e.g.,
TURN).

However, ZRTP is generally implemented only in human-facing SIP
endpoints.  This seems to be partly because of a notion that humans have
to check the short authentication string.  So the test URI not doing
ZRTP is unsurprising.

> Is this the expected behaviour?

It's not exactly what I expect, but close.   It is good that your phone
doesn't send audio (am guessing) in the clear; that's what "require"
means.  And it's good that the arriving audio is not played, because the
point of require is "if it isn't encrypted like I asked, don't function,
so that failure to encrypt will lead to a noticeable failure to
communicate, rather than a silent and undetectable change to no
encryption".

However, I think the notification to you that encryption failed should
be much louder and stronger.  Basically some kind of huge banner in the
UI like "encryption required -- blocking audio".


Overall, requiring ZRTP is a choice to only interoperate with others
that can do it.  That makes sense if you are using SIP as a private chat
mechanism.  But it doesn't make sense if you are trying to use linphone
as an extension on a PBX.

Probably there should be some per-addressbook-entry for requiring
ZRTP.


For SRTP flavors, I see those as more useful for securing a
softphone<>PBX connection.  But, with TLS signalling, they could also
encrypt media, providing significant protection even if the keys are
exposed to the signalling nodes.   (I am not really clear on the details
of this yet, so take my SRTP comments with a grain of salt.)
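
Added example, not part of the original message and not Linphone's code: because ZRTP runs inside the media stream, an endpoint can tell from the received packets alone whether the peer speaks ZRTP (RFC 6189 packet header), and a "mandatory" setting then fails closed as described above. The function names, decision strings and sample packets are assumptions constructed for illustration; the CRC is not verified, and completing the key agreement and checking the short authentication string are out of scope.

```python
import struct

ZRTP_MAGIC = 0x5A525450   # ASCII "ZRTP", RFC 6189 section 5
ZRTP_PREAMBLE = 0x505A    # starts every ZRTP message

def classify(pkt: bytes):
    """Return ("zrtp", message_type), ("rtp", None) or ("other", None)."""
    if len(pkt) >= 28 and pkt[0] >> 4 == 1:
        magic, = struct.unpack_from("!I", pkt, 4)
        preamble, words = struct.unpack_from("!HH", pkt, 12)
        # 12-byte header + message (length in 32-bit words) + 4-byte CRC
        if (magic == ZRTP_MAGIC and preamble == ZRTP_PREAMBLE
                and len(pkt) == 12 + 4 * words + 4):
            return "zrtp", pkt[16:24].decode("ascii", "replace").rstrip()
    if len(pkt) >= 12 and pkt[0] >> 6 == 2:
        return "rtp", None          # RTP version 2
    return "other", None

def media_decision(received, mandatory: bool) -> str:
    """Hypothetical policy: what to do with a stream given the peer's packets."""
    kinds = [classify(p) for p in received]
    if ("zrtp", "Hello") in kinds:
        return "continue-zrtp"      # peer speaks ZRTP; key agreement proceeds
    if mandatory:
        return "block-audio"        # fail closed: neither send nor play audio
    return "plain-rtp"              # encryption optional: fall back to clear RTP

def make_zrtp(msg_type: str, seq: int = 1, ssrc: int = 0x1234) -> bytes:
    """Constructed sample: header + type block only, CRC zeroed (not checked)."""
    msg = struct.pack("!HH8s", ZRTP_PREAMBLE, 3, msg_type.ljust(8).encode())
    return struct.pack("!BBHII", 0x10, 0, seq, ZRTP_MAGIC, ssrc) + msg + b"\0" * 4

# Constructed sample: 12-byte RTP header (version 2, PT 0) plus 160 payload bytes
RTP_ONLY = struct.pack("!BBHII", 0x80, 0, 7, 1600, 0xABCD) + b"\xff" * 160

if __name__ == "__main__":
    # A peer that only ever sends RTP, as in the case discussed in this thread
    print(media_decision([RTP_ONLY, RTP_ONLY], mandatory=True))
    print(media_decision([RTP_ONLY, RTP_ONLY], mandatory=False))
    print(media_decision([make_zrtp("Hello"), RTP_ONLY], mandatory=True))
```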


