Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Encrypted SIP/RTP

Michael — Jan 15, 2016 02:20AM PST

Does Flowroute support SRTP or ZRTP for audio transport?


1 Community Answers

Adam M. - Jan 15, 2016 08:48AM PST

Hello Michael,

We do not offer SRTP at this time, however, to better explain the vulnerabilities of someone eavesdropping, here is a more in-depth look at telecommunication security:

Security is only as strong as the weakest link and the PSTN is the weak link in telecommunications. The design of the PSTN is inherently insecure and that will never change. Wire tapping has always been a simple affair for law enforcement and even for a reasonably determined malicious party.

1.SIP connection to sip.flowroute during call.
The SIP signaling is extremely difficult to tamper with and no real damage can be caused by that. However, someone who hacks your customers network or who provides Internet service for them can sniff the SIP signaling to see all call progress information.

We may be able to offer TLS encryption in the future to encrypt the signaling between the customer and our servers; however this still should not be considered a reasonable level of privacy because the SIP signaling from our servers to the carrier and throughout the PSTN cannot be encrypted.

2. RTP connection to interconnection carrier during call.
This is not encrypted and cannot be for the foreseeable future. The reason being that the carriers do not implement any support for RTP encryption in their gateways. They likely share the belief that real privacy and security cannot be provided for calls that traverse PSTN.

3. SRTP is secure RTP
A protocol that wraps a regular RTP media stream in an encrypted tunnel, thereby protecting it from eavesdroppers. Although we can technically have the ability to implement it, it would be of little use because the carriers do not support SRTP and will not for the foreseeable future. That means that we would have to proxy media, then decrypt the media streams and relay them to the carriers as regular RTP.

This question has received the maximum number of answers.