Return to LanScape's home page Go back a page...       Active TopicsActive Topics   Display List of Forum MembersMember List   Knowledge Base SearchSearch   HelpHelp  RegisterRegister  LoginLogin

LanScape VOIP Media Engine™ - Technical Support
 LanScape Support Forum -> LanScape VOIP Media Engine™ - Technical Support
Subject Topic: Bug for SIP Message Encryption Found Post ReplyPost New Topic
Author
Message << Prev Topic | Next Topic >>
speedvoip
Vetran
Vetran


Joined: August 07 2008
Location: Canada
Posts: 156
Posted: December 12 2008 at 11:35am | IP Logged Quote speedvoip

Hi Support:
For latest v6.0.0.3 image, there is bug related to encrypt/decrypt SIP message. when I use proprietary algorithm which converts SIP message into non-ASCII byte stream, ModifySIPMessage API still regards it into string for process, therefore results in broken byte stream transmission or reception.
Most simple example is to use XOR byte by byte for encryption/decryption algorithm for testing.

On the whole, I think media engine must be carefully tested until release. In my opinion, there is far way to commercial level.
Back to Top View speedvoip's Profile Search for other posts by speedvoip Visit speedvoip's Homepage
 
support
Administrator
Administrator


Joined: January 26 2005
Location: United States
Posts: 1666
Posted: December 12 2008 at 3:18pm | IP Logged Quote support

Hi George,

The media engine expects the encrypted SIP message to consist of printable ASCII characters – not binary data. This is by design.

Is there a fundamental reason that you insist on using binary data encryption? What am I missing?

Unless you are facing an encryption sip-inter-op issue with other equipment, take all of your XORed SIP data and perform a final convertion to ASCII hex characters then let the media engine transmit/receive that. The same level of SIP message obfuscation will be achieved.

If we have to support binary data for encrypted SIP, that should not be a problem. Give me your encrypt/decrypt algorithm and we will see if we can support it easily. Don’t worry, its all ok…..

Other Notes:
By the way, I am working on the “bo bo” noise update as we speak. Please email me with the SIP account information I can use to perform live testing if required.

Thanks,

Randal

Back to Top View support's Profile Search for other posts by support Visit support's Homepage
 
Suki
Intermediate
Intermediate


Joined: December 13 2008
Location: China
Posts: 1
Posted: December 13 2008 at 2:03am | IP Logged Quote Suki

Hi Support:

I'm Suki, a developer of speedvoip corporation.

Here, I post our encryption/decryption algorithm of sip message. This algorithm which is described as follows in ANSI C applies for both operation.

Code:


#define RF_SECURITY_KEY   0X4854
#define RF_END_KEY        0X53

void  ByteAlgorithm(IN char *pMsg, IN  unsigned short nMsglen)                                     
{
       int i;  
       unsigned short endnum = 0;
        
       if(nMsglen <= 0)
       {
           return ;
       } 

       endnum = nMsglen;
        
      //if odd, encrypt the end byte
       if(0 != nMsglen % 2)  
       {
           endnum = nMsglen -1;
           *(pMsg + endnum ) = *(pMsg + endnum) ^ RF_END_KEY; 
       }
        
       for(i = 0; i<endnum; ++i) 
       { 
           *(pMsg + i) = RF_SECURITY_KEY^ *(pMsg + i); 
       } 
        
       *(pMsg + nMsglen) = '\0';            
}
 


Back to Top View Suki's Profile Search for other posts by Suki
 
support
Administrator
Administrator


Joined: January 26 2005
Location: United States
Posts: 1666
Posted: December 13 2008 at 6:42am | IP Logged Quote support

Hi Suki,

Thanks for posting to this forum.

We will take a look and see what updates will allow the media engine to use binary data encoding/decoding for SIP messages. If its not too much of a change, then we may include the update when we remove the “bo bo” noise issue George reported.

Its Saturday today and I will be working on your behalf today.

Thanks,


Randal

Back to Top View support's Profile Search for other posts by support Visit support's Homepage
 
support
Administrator
Administrator


Joined: January 26 2005
Location: United States
Posts: 1666
Posted: December 18 2008 at 3:36pm | IP Logged Quote support

Hi George and Suki,

We have looked at what it will take to support native binary data handling of SIP messages for encoding/decoding. It will take more than a few simple changes.

If you want to obfuscate media engine SIP messages, you will have to resort to the following method:

Encoding SIP Messages:

1)
Have your VOIP app process the SipModifySipMessage immediate event to access the “ready-to-be-transmitted” media engine SIP message.

2)
Use your XOR binary algorithm on the SIP message.

3)
Perform a final Base64 encoding of your binary data and call the ModifySipMessage API proc as normal.


Decoding SIP Messages:

1)
Have your VOIP app process the SipModifySipMessage immediate event.

2)
Take the received Base64 data you receive from the media engine and Base 64 decode it back to your XOR binary encoding.

3)
Use your XOR binary algorithm on data from step 2 to decode your XOR data back to the original SIP message.


As I previously stated, the media engine supports SIP message encoding/decoding for obfuscation purposes. By design the media engine expects to handle ASCII data with regards to SIP message flows.

We won’t be adding binary SIP message handling to the media engine unless it is absolutely necessary. If it is necessary, then we would consider this a custom version of the media engine and would perform the work only on a contract basis. If you can budget for us to add binary SIP message handling to the product – not a problem. We can get it scheduled right away.

Thanks,

Randal

Back to Top View support's Profile Search for other posts by support Visit support's Homepage
 
speedvoip
Vetran
Vetran


Joined: August 07 2008
Location: Canada
Posts: 156
Posted: December 19 2008 at 11:35am | IP Logged Quote speedvoip

Hi Randal:
You have fully explained principle for SIP message obfuscation. We think your advice is constructive, so a thin base64 wrapper to binary-powered SIP message will be added into our application.

Thanks
Back to Top View speedvoip's Profile Search for other posts by speedvoip Visit speedvoip's Homepage
 

If you wish to post a reply to this topic you must first login
If you are not already registered you must first register

  Post ReplyPost New Topic
Printable version Printable version

Forum Jump
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot delete your posts in this forum
You cannot edit your posts in this forum
You cannot create polls in this forum
You cannot vote in polls in this forum






Contact LanScape Hear what the Lawyers have to say How youm may use this site Read your privacy rights