Encryption?


#1

Are the communications using Asterisk encrypted?


#2

no, but it is possible to do it over vpn-networks


#3

Asterisk communications are sent in plaintext. SIP uses a text-based signalling for channel control and uses the RTP protocol for transmitting call media. Nothing is crypted except your password which can be and usually is MD5 hashed.

SIP can be secured using SRTP encryption, which encrypts media only (secure voice, but insecure control channel). I believe SRTP can be passed-thru asterisk if both endpoints support it. This requires endpoints which support it. Some higher-end IP phones support SRTP (SNOM, i think AAstra…).

There is also a version of SIP called SIPS which uses TLS as i recall, which is even less widely supported.

There is experimental crypto support in the IAX channel. Add encryption=yes to both sides of any IAX channel (must be authenticated!) and see what happens. IAX2 show peers should put an (E) next to encrypted channels. This will (once the peers are authenticated with each other) transmit all information (media and control signalling) with AES 128bit encryption. This is more secure than nothing but has not been subjected to any rigorous scrutiny that I am aware of.

As meral said, you can also wrap your voip in encryption by tunneling voip over a VPN of some kind. Don’t expect any phones to support this- you will need an external device to function as a VPN gateway.

Hope that helps!


#4

for vpn you may use any of this device voip-info.org/wiki/index.php … rmReceiver
with openwrt
or special vpn-solutions
i am using lynksys wrt54Gl with openwrt and openvpn with blowfish as vpn.
this device has wi-fi , 5 port ethernet switch. encryption speed is near 1Mb/s
cost ~ 90$