Page Index Toggle Pages: 1 2 3 [4] 5 6 ... 10 Send TopicPrint
Very Hot Topic (More than 25 Replies) Encryption: TLS, SRTP & ZRTP (Read 158750 times)
botyhc
Junior Member
**
Offline


Phoner is great!

Posts: 95
Joined: 02. May 2010
Re: Encryption: TLS, SRTP & ZRTP
Reply #45 - 02. Feb 2011 at 00:59
Print Post  
In phonerlite TLS please add entry to specify a trusted root certificate in addition to using Windows CA (some users are not able to change Windows CA). This will allow multiple server certificates signed by the same root certificate instead of specifying everything separately. Some PBXes and phones have it. And it will be very useful to make TLS complete.
  
Back to top
 
IP Logged
 
Phoner Admin
YaBB Administrator
*****
Offline



Posts: 10056
Location: Germany
Joined: 12. Oct 2003
Gender: Male
Re: Encryption: TLS, SRTP & ZRTP
Reply #46 - 02. Feb 2011 at 08:37
Print Post  
I don't like that! Why should each application should manage all that certificate stuff? PhonerLite runs on a operating system that supports this!
  
Back to top
WWW  
IP Logged
 
Phoner Admin
YaBB Administrator
*****
Offline



Posts: 10056
Location: Germany
Joined: 12. Oct 2003
Gender: Male
Re: Encryption: TLS, SRTP & ZRTP
Reply #47 - 02. Feb 2011 at 08:46
Print Post  
botyhc wrote on 02. Feb 2011 at 00:35:
Is the certificate used by the phoner in TLS if you don't specify, same for all phoners ? Does it generate a new one automatically ? If it is not specified it should generate a new unique one and use it. If not it can be a security risk ? 

That is a fixed built in certificate. If you wish to use your own certificate you have to configure one.
  
Back to top
WWW  
IP Logged
 
botyhc
Junior Member
**
Offline


Phoner is great!

Posts: 95
Joined: 02. May 2010
Re: Encryption: TLS, SRTP & ZRTP
Reply #48 - 02. Feb 2011 at 09:06
Print Post  
In the key exchange that occurs, with knowledge of this certificate and private key (since you are saying they are fixed) on the phonerlite side, then TLS is not secure, is that right ? I think you should probably add as a note to the TLS. Because normally there should be unique (not fixed and same for all phonerlites) certificate for each client.
  
Back to top
 
IP Logged
 
botyhc
Junior Member
**
Offline


Phoner is great!

Posts: 95
Joined: 02. May 2010
Re: Encryption: TLS, SRTP & ZRTP
Reply #49 - 02. Feb 2011 at 09:08
Print Post  
Phoner Admin wrote on 02. Feb 2011 at 08:37:
I don't like that! Why should each application should manage all that certificate stuff? PhonerLite runs on a operating system that supports this!


I think this enables trust only to phonerlite and not all apps. Also it is self contained. Having this option is very useful. Mostly certificates are self signed, and you cant put them into windows CA. In many cases in companies you can't change the windows CA for example. Instead having this with the app is very useful. If someone doesn't want it they need not add any trusted root CAs.
  
Back to top
 
IP Logged
 
Phoner Admin
YaBB Administrator
*****
Offline



Posts: 10056
Location: Germany
Joined: 12. Oct 2003
Gender: Male
Re: Encryption: TLS, SRTP & ZRTP
Reply #50 - 02. Feb 2011 at 09:27
Print Post  
I have no intention to change that. If you don't trust the CAs in the Windows CA store there is something wrong.
If you need a more secure solution than PhonerLite you have to look for another application. For me it is just a hobby project. I implement only things that I am interested in. I have no higher goals like the ultimate security solution.
There are Open Source implementations. Feel free to contact that implementors and help them to make their solution more secure.

If someone analyzes the binary code and extract the private key - yes, then someone might decrypt the connection. Do you really expect that someone does this? But ZRTP can't be decrypted in that way.
If you are using a server (VoIP provider or IP-PBX), then this server get the content of the messages, else no call routing can be done. So that server is the unsecure/untrusted point in such connection! Or do you really make pure peer-to-peer calls? If so, who should wiretap such connection?
  
Back to top
WWW  
IP Logged
 
deti
Junior Member
**
Offline



Posts: 93
Location: Prien am Chiemsee
Joined: 16. Dec 2006
Gender: Male
Re: Encryption: TLS, SRTP & ZRTP
Reply #51 - 02. Feb 2011 at 21:33
Print Post  
botyhc wrote on 02. Feb 2011 at 00:59:
In phonerlite TLS please add entry to specify a trusted root certificate in addition to using Windows CA (some users are not able to change Windows CA).

Heiko, I also would appreciate this functionality, but in a little different way. Couldn't you add a folder named certs in the PhonerLite folder and put your CAcert (and we other) trusted root certificates there? Then PhonerLite could automatically look into this folder by default to load the trusted certs if TLS is enabled. You don't need to add a new Button into the program. The "Load Windows CA" checkbox is enough beside this folder-solution.

Four reasons to do something like this:
1. Own client/server certificates and private keys could be placed there too, to have them all in one place (I know this can already be done).
2. Its a transparent and common method to put all certs together in one place.
3. See the tree advantages botyhc mentioned in posts #45 and #49.
4. Not everyone wants to trust CAcert certificates. Removing the CAcert root cert from that certs folder will make this authority untrusted. This is not possible at the moment.

Phoner Admin wrote on 02. Feb 2011 at 09:27:
Or do you really make pure peer-to-peer calls?

You are right, own server, client and root certificates are really needed only for PTP connections. But for PTP connections they are essential if you want to create really save calls.

Phoner Admin wrote on 02. Feb 2011 at 09:27:
If so, who should wiretap such connection?

A men in the middle Smiley. Think on secret services, economic espionage, ... For them it shouldn't be sooo difficult to place in the middle of the line.

I know Phoner is your hobby, as my is the Secure-SIP-Server project. So just think about my idea with the certs folder, maybe you can see its advantage.  Smiley
  
Back to top
WWW  
IP Logged
 
botyhc
Junior Member
**
Offline


Phoner is great!

Posts: 95
Joined: 02. May 2010
Re: Encryption: TLS, SRTP & ZRTP
Reply #52 - 02. Feb 2011 at 23:31
Print Post  
What you are doing as hobby is so nice ! 
Please consider what deti put in #51. I think that is a better solution (specifying folder and you point a relative (not just absolute) path in phonerlite). 

Thank you very much if you can do this.

I have a question too. When I take mouse to the TLS icon at bottom after registering. It says this certificate not valid for that domain. The subject name of my certificate matches the IP of the server which is what I but in phoner. Is it because it did not use windows CA. Otherwise why is it showing this ?
  
Back to top
 
IP Logged
 
Phoner Admin
YaBB Administrator
*****
Offline



Posts: 10056
Location: Germany
Joined: 12. Oct 2003
Gender: Male
Re: Encryption: TLS, SRTP & ZRTP
Reply #53 - 03. Feb 2011 at 08:36
Print Post  
If I would specify a folder there should be some naming convention to identify what is a root CA and what is any other certificate.
If you enable the option "Load windows CA", then additionally the file "rootcacert.pem" will be loaded if available. That is the actual implementation. So maybe this is enough for you Smiley

botyhc wrote on 02. Feb 2011 at 23:31:
I have a question too. When I take mouse to the TLS icon at bottom after registering. It says this certificate not valid for that domain. The subject name of my certificate matches the IP of the server which is what I but in phoner. Is it because it did not use windows CA. Otherwise why is it showing this ? 

PhonerLite compares the domain of the server it contacts and the domain (CN) within the certificate. So if PhonerLite contacts "sip.server.com" but the certificate is for "www.server.com" - there is no match and the icon is not "golden" but grayed. Se the picture at http://www.phonerlite.de/general_en.jpg - there the key icon is "golden".
  
Back to top
WWW  
IP Logged
 
deti
Junior Member
**
Offline



Posts: 93
Location: Prien am Chiemsee
Joined: 16. Dec 2006
Gender: Male
Re: Encryption: TLS, SRTP & ZRTP
Reply #54 - 03. Feb 2011 at 20:42
Print Post  
Phoner Admin wrote on 03. Feb 2011 at 08:36:
If I would specify a folder there should be some naming convention to identify what is a root CA and what is any other certificate.

Right. For example all files with the extension .ca.pem (e.g. trusted_root.ca.pem, xyz.ca.pem) could be CA certificates.

Phoner Admin wrote on 03. Feb 2011 at 08:36:
If you enable the option "Load windows CA", then additionally the file "rootcacert.pem" will be loaded if available.

If I put a file with this name inside the PhonerLite folder?

Phoner Admin wrote on 03. Feb 2011 at 08:36:
So maybe this is enough for you Smiley

Thanks, for the moment it is enough.
If you come across, the possibility to remove the CAcert root certificate would be great! Smiley
  
Back to top
WWW  
IP Logged
 
Phoner Admin
YaBB Administrator
*****
Offline



Posts: 10056
Location: Germany
Joined: 12. Oct 2003
Gender: Male
Re: Encryption: TLS, SRTP & ZRTP
Reply #55 - 04. Feb 2011 at 08:23
Print Post  
deti wrote on 03. Feb 2011 at 20:42:
If you come across, the possibility to remove the CAcert root certificate would be great!

Do you have a problem with this CAcert? That is inside, to support direct TLS connections between 2 PhonerLite instances. I will keep this, as long there is that built in certificate.
  
Back to top
WWW  
IP Logged
 
botyhc
Junior Member
**
Offline


Phoner is great!

Posts: 95
Joined: 02. May 2010
Re: Encryption: TLS, SRTP & ZRTP
Reply #56 - 04. Feb 2011 at 11:30
Print Post  
Phoner Admin wrote on 03. Feb 2011 at 08:36:
If I would specify a folder there should be some naming convention to identify what is a root CA and what is any other certificate.
If you enable the option "Load windows CA", then additionally the file "rootcacert.pem" will be loaded if available. That is the actual implementation. So maybe this is enough for you Smiley

botyhc wrote on 02. Feb 2011 at 23:31:
I have a question too. When I take mouse to the TLS icon at bottom after registering. It says this certificate not valid for that domain. The subject name of my certificate matches the IP of the server which is what I but in phoner. Is it because it did not use windows CA. Otherwise why is it showing this ? 

PhonerLite compares the domain of the server it contacts and the domain (CN) within the certificate. So if PhonerLite contacts "sip.server.com" but the certificate is for "www.server.com" - there is no match and the icon is not "golden" but grayed. Se the picture at http://www.phonerlite.de/general_en.jpg - there the key icon is "golden".


It should be enough Smiley Thanks ! 
I like deti's idea better too : 
"Right. For example all files with the extension .ca.pem (e.g. trusted_root.ca.pem, xyz.ca.pem) could be CA certificates."

And I assume these can be in the Phonerlite folder.

I tried with CN= IP of the server but it gave this. I'll try again!
  
Back to top
 
IP Logged
 
deti
Junior Member
**
Offline



Posts: 93
Location: Prien am Chiemsee
Joined: 16. Dec 2006
Gender: Male
Re: Encryption: TLS, SRTP & ZRTP
Reply #57 - 05. Feb 2011 at 16:02
Print Post  
Phoner Admin wrote on 04. Feb 2011 at 08:23:
Do you have a problem with this CAcert?

No, not personally at the moment. My concern is only that CAcert certificates are not rally safe. Anyone can get a CAcert certificate for free without identification - at least the short time valid certificates. If someone doesn't want to trust this certs he has no possibility to configure this at the moment.

Phoner Admin wrote on 04. Feb 2011 at 08:23:
That is inside, to support direct TLS connections between 2 PhonerLite instances. I will keep this, as long there is that built in certificate.

My suggestion was, to put only the public CAcert CA certificate in a file (e.g. CA_certs.pem) outside the compiled program and to keep the build in secret private-key and your public certificate inside. Doing this will not affect the actual functionality of PhonerLite and opens configuration capabilities for experienced TLS users. For example one could replace or add other trusted CA certificates in this file. I guess your openssl should be capable to read all trusted CA certificates from within one file.
  
Back to top
WWW  
IP Logged
 
Phoner Admin
YaBB Administrator
*****
Offline



Posts: 10056
Location: Germany
Joined: 12. Oct 2003
Gender: Male
Re: Encryption: TLS, SRTP & ZRTP
Reply #58 - 06. Feb 2011 at 07:41
Print Post  
I don't see the problem with CAcert. We don't talk about a automated service that delivers high security data. We are talking about telephony! You are talking with some person. You still have to trust that person - not the certificate that person uses within its softphone.
For me that TLS stuff is more a type of encryption than authentication. Together with ZRTP you get an end-to-end encryption of voice. A MiTM attack is no problem for ZRTP - authentication is done by reading that SAS (tooltip of SRTP icon) to each other. If you fear a MiTM attack for call signaling (get the number you are calling), it won't help to avoid CAcert root trust. The server you contact always decodes TLS!

I don't plan to do any further security stuff. I will check for additional CA certs in the own directory, but thats all! Sorry.
  
Back to top
WWW  
IP Logged
 
deti
Junior Member
**
Offline



Posts: 93
Location: Prien am Chiemsee
Joined: 16. Dec 2006
Gender: Male
Re: Encryption: TLS, SRTP & ZRTP
Reply #59 - 06. Feb 2011 at 15:33
Print Post  
Phoner Admin wrote on 06. Feb 2011 at 07:41:
We don't talk about a automated service that delivers high security data.

Hmmm, according to my understanding the transmitted key for the voice encryption is high security data.

Phoner Admin wrote on 06. Feb 2011 at 07:41:
For me that TLS stuff is more a type of encryption than authentication. Together with ZRTP you get an end-to-end encryption of voice. A MiTM attack is no problem for ZRTP - authentication is done by reading that SAS (tooltip of SRTP icon) to each other.

Right, ZRTP avoids this kind of concerns. But you have to authenticate by reading the SAS to each other. Here I see the advantage of TLS. With a correctly implemented TLS you don't have to read and confirm. You just look at the golden TLS icon and everything should be absolutely OK.
Smiley

Phoner Admin wrote on 06. Feb 2011 at 07:41:
If you fear a MiTM attack for call signaling (get the number you are calling), it won't help to avoid CAcert root trust. The server you contact always decodes TLS!

Right! The thing with the CAcert certificate only can be a problem if you don't trust the server. For normal calls (over a server you trust) this will not be a problem, only if you deal with Peer-To-Peer connections where you don't know if you can trust the phone you are talking to. I must admit, this probably are the absolute minority of calls done by Phoner(Lite). In this rare cases a MITM attack is possible if you can not disable CAcert certificates.

Phoner Admin wrote on 06. Feb 2011 at 07:41:
I don't plan to do any further security stuff. I will check for additional CA certs in the own directory, but thats all! Sorry.

All right. It was just a suggestion to mind if you work on your TLS code one day again.
  
Back to top
WWW  
IP Logged
 
Page Index Toggle Pages: 1 2 3 [4] 5 6 ... 10
Send TopicPrint