Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] AES-encyrpted telephony in Iran?

Nathan of Guardian nathan at guardianproject.info
Wed Jun 13 04:09:30 PDT 2012


On 06/13/2012 01:24 AM, Naiz Mudin wrote:
> We must be prepared, in my country, to communicate with one another
> without fear of the govermnment having automatic access to our data, as
> is the case currently, whenever we (for example) use Skype VOIP outside
> of the country.

One question Naiz - are you using Skype on mobile phones today to
communicate, or only from desktops? Is this from 3G or wifi?

I ask because I think that it is important to that while PrivateGSM
software is technically very sound, there are some additional risks and
perhaps limitations when it comes to running VoIP, and even more so
secure VoIP, on a 3G network such as is available in Iran.

Skype is tolerated in many places in the world where encryption and VoIP
are considered illegal. Skype is allowed both because it is very
difficult to block (it uses many different IPs/hosts to connect in a
peer to peer like manner), but also because it is understood that most
people are using it to talk with family and conduct business.

If you use a VoIP system like PrivateGSM, or any SIP/RTP VoIP software,
it will look very different on the network than Skype. It will most
likely connect to one server, with a single IP address, for the SIP
portion (registration, call setup), and then it will stream the RTP
media stream through that same server. With secure VoIP that SIP stream
will be secured using SSL or TLS, the RTP media stream using something
like ZRTP or SRTP (basically the "AES encrypted" part you referenced).
If two people are calling each other using this service, it will be very
clear who is talking to whom and when. In some cases even, the RTP media
stream will stream directly between the two people/devices
communicating, clearly tying the two IP addresses together. If those IPs
are connected to a registered SIM card, then you see how this can be
problematic.

With Skype, this is hidden in the cloud a bit more because there are
millions of people, though obviously Skype has many, many security
issues, and can suffer from this same direct IP-to-IP problem. Still,
Skype is tolerated, while Secure VoIP may not be.

Finally, there is another, more practical problem, which is speed or
"latency". Skype is really good at low bandwidth connections, while
Secure VoIP, mostly designed for enterprise/business use in the west, is
not. PrivateGSM is very good as Jacob mentioned, so it may be able to
adjust its call quality to the bandwidth/latency of your network, but
your expectations should be set a bit lower, and amount of patience of
your users higher... meaning, don't expect Skype simplicity and quality
right away.

Best,
 Nathan












More information about the liberationtech mailing list