Hi, I would like to know how IAX2 encryption is handled in detail. Information on voip-info.org is too asterisk related even though I know that this protocol was developed in conjunction to asterisk. http://www.voip-info.org/wiki/view/IAX+encryption says that "there is a rather undocumented channel encryption feature". Is it still undocumented? You can use encryption=aes128 or encryption=yes. Is there no difference between those two? I mean, maybe encryption=yes is for further development of other encryption algorithms.
For the protocol itself I took the draft at http://tools.ietf.org/id/draft-guy-iax-03.txt and there it says "The key to use in encrypting the messages is computed by taking the the CHALLENGE IE Section 8.4.14 from the AUTHREQ and concatenating any one of the shared passwords then computing the 128-bit MD5 digest of this combination. To decrypt, if there is more than password for the peer, each must be tried until the message is successfully decoded. The key remains constant for the duration of the call. Only the data portion of the messages are encoded." These two phrases in the paragraph are hard for me to understand! I don't know if the first phrase is talking about encryption or authentication or both because of the use of a hash algorithm. Does the part of the second phrase "if there is more than password" mean "if there is more than one password"? Sorry, if my questions are too "dumb", my English is not that good. Michael _______________________________________________ --Bandwidth and Colocation provided by Easynews.com -- Asterisk-Security mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-security
