[Freeswitch-users] Encrypted RFC2833 DTMF
Steve Underwood
steveu at coppice.org
Mon Jun 3 05:04:15 MSD 2013
On 06/03/2013 08:19 AM, James Cloos wrote:
> Goog found this:
>
> http://enterprise.huawei.com/ilink/enenterprise/download/HW_U_149094
>
> which says:
>
> ,----< excerpt from HW_U_149094.pdf §35.3 >
> | Huawei NGN Cipher Version1 (HNC1) is a patented algorithm of Huawei
> | and supports the 122/256-bit key. In encryption, the softswitch
> | (SoftX3000) of Huawei is required to cooperate. Currently, HNC1 is
> | used in the application scenarios in which the UA5000 works with the
> | SoftX3000.
> `----
>
> It also says that those two products encrypt the rfc2833 traffic with
> that algorithm, w/o implying that it is part of 2833.
>
> As for why it is useful to encrypt the 2833 w/o also encrypting the
> voice, I can only speculate. Perhaps some idiosyncrasy of PRC law?
> Or to provide better integrity?
>
> -JimC
There is an excellent reason for encrypting DTMF, when encrypting the
voice is unimportant. If you can compromise a gateway and pick out all
the DTMF, you might have the ability to recover a lot of passwords used
for things like phone banking. On the PSTN this kind of thing only
really works with a focussed hardware attack on the lines to the banking
system, but with VoIP any compromised node could be a problem.
Steve
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list