If you can roll out end-to-end encryption, it would be comparable to the use of PGP in mail, it doesn't rely on network security. (Let's keep the keyexchange/keyservers/etc out of the picture for now). Even the government agencies would not be able to retrieve that information, so they would have to rely on planting bugs, compromising the phone firmware. Is this implementation feasible? Yes, but it takes a huge amount of work, and knowlegde. And we all lack it :)
The latency on well designed phones is very limited, it would be extremely nice if a phone would ship with a cryptographic processor. On Internet connections the latency of encryption is negledgeable. Although the preferred encryption would be for example AES or Blowfish, I have not seen any cryptographic coprocessors for those anyway. It is also questionable if on those ciphers coprocessors would help out, from a cost or performance point of view.
Michael
WipeOut . wrote:
I have been following this thread ad decided to add my thoughts.. :)
While the thought of encryption always seems like a nice idea the reality is usually far from satisfactory.. The increased processing power requirements, far larger latency and encryption standardisation and interoperability will all prove to be major headaches..
As far as I see it if you have ever talked about confidential stuff on a cordless phone or a cell phone you should have no problem using a SIP phone over the LAN or even the internet.. Even a landline phone is easy to tap if you really wanted to..
If the nature of the information is such that it requires a secure transport method then you probably shouldn't be talking about it over the phone anyway.. irrispective of the phone technology being used..
later..
_______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users
