Title :
VoIP Eavesdropping: A Comprehensive Evaluation of Cryptographic Countermeasures
Author :
Pérez-Botero, Diego ; Donoso, Yezid
Author_Institution :
Dept. of Syst. & Comput. Eng., Univ. de los Andes, Bogota, Colombia
Abstract :
VoIP adoption has gained traction because the service is easy to deploy in various contexts (e.g. business, households, P2P) and represents considerable cost savings in comparison with traditional phone lines. Unfortunately, security measures haven't kept up with VoIP's gain in popularity and its users are placing the same amount of trust on the system as they do with landlines. As a result, eavesdropping has become a serious security threat, since network layer and application layer interception attacks are readily available and relatively easy to pull off. This document covers VoIP security schemes with a hands-on approach that encompasses an investigation of current implementations for each protocol, along with performance tests using Quality of Service (QoS) measurements. Our results show that call setup time isn't largely affected by either signaling protection schemes or key exchange mechanisms, unless TCP is employed as the transport protocol, which is the case with TLS signaling and MIKEY key exchange. Hence, tunneling SIP messages with DTLS and IPSec as well as exchanging keys by using SDES and ZRTP doesn't hinder the call setup process. Meanwhile, the dearth of support for secure protocols other than TLS, SDES and SRTP in current VoIP clients has rendered S/MIME unviable. The same phenomenon has also led to suboptimal call performance characteristics being inherent to MIKEY and ZRTP key exchange in terms of packet jitter, since their existing implementations have no SIP reinvite support or involve an additional software layer for packet encryption and decryption.
Keywords :
Internet telephony; cryptographic protocols; jitter; quality of service; signalling protocols; telecommunication security; transport protocols; DTLS client; IPSec; MIKEY key exchange; QoS measurement; S-MIME; SDES client; SIP reinvite support; SRTP client; TCP; TLS signaling; VoIP eavesdropping; VoIP security scheme; ZRTP key exchange; application layer interception attack; call setup process; comprehensive evaluation; cryptographic countermeasure; key exchange mechanism; packet decryption; packet encryption; packet jitter; phone line; quality of service measurement; signaling protection scheme; software layer; transport protocol; tunneling SIP message; Delay; Encryption; Media; Protocols; Quality of service; Servers; Eavesdropping; Key Exchange Mechanism; Media Encryption; Quality of Service; Secure Signaling; VoIP Security;
Conference_Title :
Networking and Distributed Computing (ICNDC), 2011 Second International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4577-0407-9
DOI :
10.1109/ICNDC.2011.46