April 22, 2014 at 12:01 #312
Are VoIP calls secure?
By default no. From a technical point of view, phone companies and governments can pretty much listen to any wired or wireless conversation they want to. Data packets can be eavesdropped in the corporate networks, by network service providers, by criminals, competitors and so on.
So, how to secure your calls?
The best way is encryption.
Currently we have solutions for encrypting VoIP calls:
SIP over TLS ensures that all signaling information (caller and callee phone numbers, sip domain and other contact information), transmitted between your phone and server, will be encrypted. For this reason, TLS is recommended protocol for sipmobile.org.
To protect media our servers are configured, by default, to support SRTP. If your phone does not support SRTP, the call will fail. See IP Phone setup topic for more information.
Some soft phones can show information about call. For example Bria will show you that current call is encrypted.
When using SRTP, you must ensure that signaling protocol is also secure (i.e. TLS), because cryptographic keys are exchanged in plain text.
ZRTP is another protocol, which can be used with insecure signaling (UDP and TCP). To use ZRTP both phones must support it.
WEB calls are secured by default by TLS (signaling Web Socket over TLS) and DTLS (media). So you don’t need anything.
Messaging. There are two ways to sent Messages – SIP/SIMPLE (it is secure if you use TLS), and XMPP (TLS is used by default). For SIP/SIMPLE messages are never saved on server. If the recipient is offline, he will not receive message. Maybe it’s inconvenient, but more secure.
Completing this two steps – secure signaling (TLS) and secure media (SRTP, ZRTP, DTLS) you will ensure security inside Sipmobile domain. We of course can not guarantee your security outside. So, if you need secure communications with your family, friends and partners, it may be better to connect us all?
You must be logged in to reply to this topic.