What is SIP over TLS and SRTP?
SIP over Transport Layer Security is a standard SIP request/response which has been encrypted using TLS. This operates in the exact same manner as more traditional HTTPS. As SIP is only used for establishment, control, and tear down of calls, SIP over TLS does not encrypt the actual RTP voice traffic. For that we use SRTP.
SRTP is the Secure Real-Time Transport Protocol. This differs from TLS as it uses opportunistic encryption to exchange keys. Since SIP over TLS already has negotiated a secure channel prior to any traffic being passed, SRTP exchanges its cipher key in the SDP of the encrypted SIP Message.
It is important to understand that Voyant Secure Trunking operates almost entirely the same as a non-secure SIP Trunking. The only difference is a short exchange at the beginning of a call to negotiate a security cipher suite and key. After this, the SIP is encrypted and all call setup and tear downs happen normally. It is also important to note that the call is only encrypted on the leg which traverses the Public Internet (between the customer and the SBC). Once the call is on the internal side of the Voyant network encryption is no longer used.
What is Public Key Cryptography?
Cryptography exists to allow two parties to exchange information with each other that, if intercepted by a third party, would not be understandable. Traditional cryptographic methods involve the two parties mutually agreeing to a Key beforehand. With the introduction of the Internet and the variety of devices, apps, and people who would be interacting with each other, this was obviously not a feasible solution. An encryption scheme was needed that would allow two devices which had never interacted to agree upon a cipher, while at the same time disallowing any third party who may witness this exchange to also obtain the cipher.
Public-key cryptography, also referred to as asymmetric cryptography, is a type of encryption that uses two mathematically linked, but otherwise unique, keys. Called the Public Key and the Private Key. As the name suggests, the Public Key is a key that any server can send to any client device attempting to communicate with it. The Private Key is kept secret and never shared.
While the Public Key is an encryption Key, it can be best thought of as a “lock”. The Public Key can be used to Encrypt data, however, it is mathematically infeasible to use the Public Key to decrypt that same data. Decryption is done by using the Private Key.
How it works
Consider sitting at your computer and navigating to your bank’s website to pay a bill. The first thing to happen is that the bank's web server will send your computer it's Public Key. Your computer could now use that Public Key to encrypt any information you wish to send, and only the bank would be able to decrypt it by using their Private Key. A malefactor in the middle, who may have seen the whole exchange, would be unable to view your private information. All he would have would be the Public Key, and your encrypted data.
Remember, the Public Key cannot be used to decrypt, only encrypt. Your computer would create a new Key which it would encrypt using the bank’s Public Key and then send back to the bank's web server. Now both devices would have a shared key that could be used to communicate securely with each other.
Example call setup
Before a call can be set up on a Secure SIP Trunk, a cipher suite and key must be agreed upon. However, before the cipher suite can be agreed upon, both sides need to “Trust” each other. This is to ensure that neither side is the victim of a Man-in-the-middle attack.
In Secure Trunking the mechanism to establish this trust is setup before any calls take place. Upon creation of a Voyant Secure Trunk the customer is provided with a Root Certificate which they must install on their PBX. When the PBX initiates a TLS handshake to the Voyant SBC, the SBC will reply with a security Certificate. This Certificate can be mathematically compared to the Root Certificate that they installed on their PBX. If they match, the PBX can be confident that it is communicating with a real Voyant SBC and not a hacker or scammer.
The Voyant SBC must also be able to trust the customer's PBX. To do this, when a new Secure SIP Trunk is set up, the customer must provide Voyant with a Certificate Signing Request. The Voyant Certificate Authority will digitally “sign” this certificate and then return it to the customer for installation in their PBX. During the TLS handshake, the PBX will return this Certificate to the Voyant SBC. If the digital signature matches, then the SBC can be confident that the connection really is coming from the customer and not a hacker or scammer.
It is important to note that although this exchange does establish trust that we are interacting with the correct companies, it does not supercede the need to provide regular SIP authentication via either Static IP, or Registration.
The TLS Handshake
The client begins the handshake by sending a Client Hello message to the server. This message lets the server know which TLS versions and cipher suites the client can support.
The Server Hello message is the reply to a Client Hello. This message will contain the name of the cipher suite chosen (as picked from the list of available suites found in the Client Hello) as well as the server’s Public Key Certificate.
The Client will use this Certificate to compare to the Voyant Root Certificate that was installed during the Secure SIP Trunk setup.
Client Key Exchange / Change Cipher Spec / Finished
After the client has established trust with the server, it uses the Public Key that the server provided to encrypt the data which the server can use to derive keys for future encryption messages.
The Client then sends a “Finished” response, which is encoded with the new encryption key.
Change Cipher Spec / Finished
The server replies with a “Finished” message which is also encoded with the new encryption key. All future communications for this session will now use this key.
What cipher suites does Voyant support?.
Troubleshooting an encrypted SIP connection can obviously be much more difficult due to the messaging being encrypted. While in some cases the data can be decrypted, this is not always true. We do recommend customers configure endpoints for Secure Trunks as Registered (username/password) vs IP Authenticated, as that configuration will result in the access SBC certificate being used in the TLS handshake, providing Voyant greater ability to troubleshoot the call.