Encryption in VoIP?

What is the role of encryption in a converged network? But first, a primer.

Encryption is a process where mathematical algorithms are used to transform a message such that only the intended parties are able to decipher the message. The purpose of encryption technology is to protect the privacy of the message recipients.

Ever since the Second World War, the US Government has defined encryption and cryptographic technologies as a munition, not unlike armaments. In the 1950s and 1960s this was pretty easy to do, since it took great minds and substantial overhead resources to encrypt and decrypt messages. However, as the processing overhead of advanced algorithms and the processing performance of advanced encryption engines (specialty hardware optimized for encryption and decryption) improved, and as the Cold War ended, it became obvious that there were legitimate commercial reasons for protecting the privacy of messaging, sessions and packets.

One of these applications is wireless. It was only as recently as 1995 that eavesdropping on people's cellular phone calls was great entertainment. Since the move to digital radios, however, with built-in encryption algorithms (albeit simple algorithms) and frequency-hopping techniques that made it difficult to capture all the parts of a conversation, the entertainment opportunity has evaporated.

In fact, as recently as 1995, it was a crime for a French citizen to own encryption technology.

So, in order to keep up with the legitimate commercial applications, encryption technology has been demilitarized. Now, encryption is readily available in your browser, on your hard drive (if you choose) and in your email applications.

There are classically a small number of technologies used in encryption:

  • Symmetrical algorithms: use the same key to encrypt as to decrypt;
  • Asymmetrical algorithms: use a different key to encrypt than to decrypt; and
  • Hashes, or message digests: algorithms that create a specific output for any arrangement of bits. Change one bit, and the output of the hash is completely different.

These three technologies are combined in various ways to assure privacy, access control, message integrity, non-repudiation and authentication services.

Public Key Infrastructure (PKI), pioneered by a small number of software technology companies (Entrust, RSA, Thawte), is all about using a symmetrical algorithm to rapidly encrypt the message, using the hash on the message, and then using the asymmetrical algorithm to encrypt the symmetric key.

[ASIDE: PKI relies on the product of large prime numbers such that each person can have a public key and a private key. Private keys are kept secret. If I send you a message and encrypt it with your public key and my private key, it can only be deciphered with your private key and my public key. Public keys are often presented in the message or in a global database.]
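The combination described in the PKI paragraph and the aside above, as an added example that is not part of the original article: a symmetric cipher encrypts the message, the asymmetric algorithm wraps the symmetric key with the recipient's public key, and the message hash is signed with the sender's private key. Assumptions: textbook RSA without padding, a SHA-256 keystream standing in for a real symmetric cipher, and demo keys built from publicly known primes; all names here are hypothetical and the primitives are for illustration, not a substitute for a vetted library.

```python
import hashlib
import secrets

E = 65537  # common RSA public exponent

def make_keypair(p, q):
    """Textbook RSA from two primes; returns (public, private)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

# Constructed demo keys from publicly known Mersenne primes: not secret, illustration only.
ALICE_PUB, ALICE_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
BOB_PUB, BOB_PRIV = make_keypair(2**1279 - 1, 2**2203 - 1)

def keystream_xor(key, data):
    """Toy symmetric cipher: XOR with a SHA-256 counter keystream (same key both ways)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def digest_int(message):
    """SHA-256 digest of the message as an integer, for RSA signing."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def seal(message, sender_priv, recipient_pub):
    """Sender side: encrypt bulk data, wrap the session key, sign the digest."""
    session_key = secrets.token_bytes(32)
    (n_r, e_r), (n_s, d_s) = recipient_pub, sender_priv
    return {
        "ciphertext": keystream_xor(session_key, message),  # symmetric
        "wrapped_key": pow(int.from_bytes(session_key, "big"), e_r, n_r),  # asymmetric
        "signature": pow(digest_int(message), d_s, n_s),  # hash + private key
    }

def open_sealed(env, recipient_priv, sender_pub):
    """Recipient side: unwrap the key, decrypt, then check the signed digest."""
    (n_r, d_r), (n_s, e_s) = recipient_priv, sender_pub
    session_key = pow(env["wrapped_key"], d_r, n_r).to_bytes(32, "big")
    message = keystream_xor(session_key, env["ciphertext"])
    if pow(env["signature"], e_s, n_s) != digest_int(message):
        raise ValueError("digest mismatch: message altered or wrong sender key")
    return message
```

Flipping a single bit of the ciphertext changes the recovered message's digest, so `open_sealed` raises instead of returning altered data.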