Search icon CANCEL
Cart icon
Close icon
You have no products in your basket yet
Save more on your purchases!
Savings automatically calculated. No voucher code required
Arrow left icon
All Products
Best Sellers
New Releases
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
Mastering FreeSWITCH

You're reading from  Mastering FreeSWITCH

Product type Book
Published in Jul 2016
Publisher Packt
ISBN-13 9781784398880
Pages 300 pages
Edition 1st Edition
Authors (8):
Russell Treleaven Russell Treleaven
Profile icon Russell Treleaven
Seven Du Seven Du
Profile icon Seven Du
Darren Schreiber Darren Schreiber
Profile icon Darren Schreiber
Ken Rice Ken Rice
Profile icon Ken Rice
Mike Jerris Mike Jerris
Profile icon Mike Jerris
Kalyani Kulkarni Kalyani Kulkarni
Profile icon Kalyani Kulkarni
Florent Krieg Florent Krieg
Profile icon Florent Krieg
Charles Bujold Charles Bujold
Profile icon Charles Bujold
View More author details

Table of Contents (21) Chapters close

Mastering FreeSWITCH
About the Authors
About the Reviewers
1. Typical Voice Uses for FreeSWITCH 2. Deploying FreeSWITCH 3. ITSP and Voice Codecs Optimization 4. VoIP Security 5. Audio File and Streaming Formats, Music on Hold, Recording Calls 6. PSTN and TDM 7. WebRTC and Mod_Verto 8. Audio and Video Conferencing 9. Faxing and T38 10. Advanced IVR with Lua 11. Write Your FreeSWITCH Module in C 12. Tracing and Debugging VoIP 13. Homer, Monitoring and Troubleshooting Your Communication Platform Index

Encrypting (S)RTP via SDES (key exchange in SDP)

SRTP in its oldest, simplest and most deployed implementation encrypts the (UDP) audio stream using a key that was exchanged via SIP(S), in the SDP body of the SIP packet.

This method, called SDES (SDP Security Descriptions), can be considered secure under two conditions:

  • Encrypted SIPS (for example, TLS) was used for exchanging keys in signaling

  • All the SIP(S) proxies between caller and callee are trusted

Because SIP(S) packets must be interpreted by proxies, the organizations that own or manage each single proxy between caller and callee know the key and can decrypt the audio. Also, someone can succeed in inserting him or herself into the proxy chain, and acting as a man-in-the-middle (mitm), pretending to be one such legitimate proxy, and then decrypt and/or tamper with the audio.

Many wrongly identify "SRTP" with "SRTP via SDES". SRTP is actually RTP encrypted via keys, and there are many different methods to exchange those keys.

Anyway, anyone...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $15.99/month. Cancel anytime