What measures are being taken to ensure the security of Internet telephony transactions? What role will encryption play in the future of Internet telephony, and what are some of the standards that developers can take advantage of?
We asked several industry-leading vendors for their views on the Internet telephony industry. Their responses appear below.
As so-called "data convergence" takes place, the IP protocol that forms the foundation of the Internet is being used to carry a variety of data streams, such as video and voice, as well as the more traditional e-mail and other data-only applications. At the same time, concerns over Internet security have spurred the development of powerful mechanisms for securing IP applications of all types, including Internet telephony. Today, enterprises are constructing secure virtual private networks (VPNs) over the Internet using products based on interoperable standards.
The most widely accepted VPN standard, IPSec (for IP Security), specifies protocols and algorithms that ensure the privacy, integrity, and authenticity of data traveling over the Internet. Encryption algorithms ensure data privacy, and authentication functions ensure that data have originated from a trusted source and have not been modified in transit. One potential concern is that the computationally intensive nature of IPSec processing could add unacceptable latency to IP voice packets and therefore be incompatible with IP Telephony.
However, manufacturers of hardware-based VPN gateway products have addressed this concern. For example, the VPN gateway maker VPNet Technologies, along with Clarent, a maker of Internet telephony gateways, have tested their products together and demonstrated voice over IP applications with full IPSec security. The implications are clear: Secure, standards-based Internet telephony is a reality today, ready to be exploited in the next wave of Internet applications.
Richard Kagan, VP of Marketing, VPNet Technologies
The classic response to securing Internet telephony transactions includes protecting network elements and the systems supporting them. Network attacks attempt to disrupt management and routing protocols, and deny service by suppressing the availability of transmission resources. Using secure versions of management and routing protocols, i.e., security extensions to SNMP or a secure version of OSPF, designers can protect network elements such as routers. General protocols, like telnet, should be combined with secure transmission provided by IP Security. For element management systems, there are several ways to insert security into the TCP/IP protocol stack. Examples include insertion within the application, within the socket layer between the application and TCP, known as "secure socket layer", and within the network layer between TCP and the IP layer, known as IP Security or IPsec.
IP security allows for two services: authentication and encryption. The authentication service is obtained by inserting an authentication header between the IP header and the payload. The encryption procedure is very similar, except that the payload is encrypted with the specified secret key. As an example, security for Next Generation Network cable transports is covered by the DOCSIS Baseline Privacy specifications [MCNS8]. This uses DES encryption, with separate keys refreshed periodically for each cable modem.
Steven Jaroski, Bellcore Vice President, Voice Over Packet Solutions Delivery
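The two IPsec services described above (an authentication header inserted between the IP header and the payload; a payload encrypted under a secret key, which is also the privacy/integrity split Richard Kagan describes earlier) are easy to see on the wire. The following is an added example written for this page, not code from Bellcore, VPNet or any vendor quoted here. It builds a constructed IPv4 packet carrying a made-up RTP-style voice frame, protects it once with an AH-style header and once with an ESP-style encrypted payload, and shows why AH zeroes the fields routers rewrite (TTL, checksum) before computing its check value. Everything uses only the Python standard library: the "cipher" is HMAC-SHA256 used as a pseudorandom function in counter mode, standing in for the DES/3DES transforms of the period, and the key, SPI and IV values are arbitrary test constants.

```python
"""IPsec-style AH and ESP framing on a constructed IPv4 packet (stdlib only).

Illustrative example, not vendor code. The stream cipher is HMAC-SHA256 used
as a PRF in counter mode in place of DES/3DES; the header layout, the
mutable-field rule for AH and encrypt-then-MAC for ESP are the point.
"""
import hashlib
import hmac
import struct

AH_PROTO, ESP_PROTO, UDP_PROTO = 51, 50, 17
ICV_LEN = 16      # truncated HMAC-SHA256 output, as IPsec truncates its ICVs
BLOCK = 8         # ESP pads plaintext to a cipher block boundary (DES-sized here)


def ip_checksum(data):
    """RFC 791 ones'-complement checksum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    s = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return (~s) & 0xFFFF


def ipv4_header(src, dst, proto, total_len, ttl=64):
    """Minimal 20-byte IPv4 header with a correct header checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0, ttl, proto, 0, src, dst)
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]


def zero_mutable(ip_hdr):
    """AH's ICV covers the IP header with the fields routers rewrite set to zero."""
    h = bytearray(ip_hdr)
    h[1] = 0                  # TOS / DSCP (may be remarked by QoS policy)
    h[6:8] = b"\x00\x00"      # flags + fragment offset
    h[8] = 0                  # TTL (decremented per hop)
    h[10:12] = b"\x00\x00"    # header checksum (recomputed per hop)
    return bytes(h)


def ah_protect(auth_key, src, dst, payload, spi, seq, ttl=64):
    """Insert an Authentication Header between the IP header and the payload."""
    ah_len = 12 + ICV_LEN
    ip_hdr = ipv4_header(src, dst, AH_PROTO, 20 + ah_len + len(payload), ttl)
    # next header, AH length in 32-bit words minus 2, reserved, SPI, sequence, zeroed ICV
    ah = struct.pack("!BBHII", UDP_PROTO, ah_len // 4 - 2, 0, spi, seq) + bytes(ICV_LEN)
    icv = hmac.new(auth_key, zero_mutable(ip_hdr) + ah + payload, hashlib.sha256).digest()[:ICV_LEN]
    return ip_hdr + ah[:12] + icv + payload


def ah_verify(auth_key, packet):
    """Return (next_header, payload) if the ICV checks; raise ValueError otherwise."""
    ip_hdr, rest = packet[:20], packet[20:]
    if ip_hdr[9] != AH_PROTO:
        raise ValueError("not an AH packet")
    ah_len = (rest[1] + 2) * 4
    ah, payload = rest[:ah_len], rest[ah_len:]
    covered = zero_mutable(ip_hdr) + ah[:12] + bytes(ICV_LEN) + payload
    expected = hmac.new(auth_key, covered, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(expected, ah[12:12 + ICV_LEN]):
        raise ValueError("AH integrity check failed")
    return ah[0], payload


def _keystream(enc_key, iv, n):
    """PRF in counter mode: HMAC-SHA256(key, iv || counter), truncated to n bytes."""
    blocks = (hmac.new(enc_key, iv + struct.pack("!I", i), hashlib.sha256).digest()
              for i in range(-(-n // 32)))
    return b"".join(blocks)[:n]


def esp_protect(enc_key, auth_key, src, dst, payload, spi, seq, iv, ttl=64):
    """ESP: SPI, sequence, 8-byte IV, encrypted (payload + pad + pad len + next header), ICV."""
    pad_len = (-(len(payload) + 2)) % BLOCK
    plain = payload + bytes(range(1, pad_len + 1)) + bytes([pad_len, UDP_PROTO])
    cipher = bytes(a ^ b for a, b in zip(plain, _keystream(enc_key, iv, len(plain))))
    body = struct.pack("!II", spi, seq) + iv + cipher
    icv = hmac.new(auth_key, body, hashlib.sha256).digest()[:ICV_LEN]   # encrypt-then-MAC
    return ipv4_header(src, dst, ESP_PROTO, 20 + len(body) + ICV_LEN, ttl) + body + icv


def esp_open(enc_key, auth_key, packet):
    """Check the ICV before touching ciphertext, then decrypt and strip the ESP trailer."""
    ip_hdr, body, icv = packet[:20], packet[20:-ICV_LEN], packet[-ICV_LEN:]
    if ip_hdr[9] != ESP_PROTO:
        raise ValueError("not an ESP packet")
    expected = hmac.new(auth_key, body, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(expected, icv):
        raise ValueError("ESP integrity check failed")
    iv, cipher = body[8:16], body[16:]
    plain = bytes(a ^ b for a, b in zip(cipher, _keystream(enc_key, iv, len(cipher))))
    pad_len, next_hdr = plain[-2], plain[-1]
    return next_hdr, plain[:len(plain) - 2 - pad_len]


# Constructed sample: a 12-byte RTP-like header plus 20 bytes standing in for one voice frame.
SRC, DST = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])
VOICE = bytes.fromhex("8012000100001388deadbeef") + bytes(range(20))
AUTH_KEY, ENC_KEY, IV = b"auth-key-demo", b"enc-key-demo", bytes(range(8))   # test constants


def demo():
    """AH and ESP round trips; returns what a receiver would observe."""
    ah = ah_protect(AUTH_KEY, SRC, DST, VOICE, spi=0x100, seq=1)
    routed = bytearray(ah); routed[8] -= 1        # a hop decremented TTL: AH must still verify
    forged = bytearray(ah); forged[-1] ^= 0x01    # one payload bit flipped: AH must reject
    esp = esp_protect(ENC_KEY, AUTH_KEY, SRC, DST, VOICE, 0x200, 1, IV)
    obs = {"ah_ok": ah_verify(AUTH_KEY, bytes(routed)) == (UDP_PROTO, VOICE),
           "ah_tamper_detected": False,
           "esp_hides_payload": VOICE not in esp,
           "esp_ok": esp_open(ENC_KEY, AUTH_KEY, esp) == (UDP_PROTO, VOICE)}
    try:
        ah_verify(AUTH_KEY, bytes(forged))
    except ValueError:
        obs["ah_tamper_detected"] = True
    return obs


if __name__ == "__main__":
    print(demo())
```

Two things worth noticing when running it: the AH packet still verifies after a simulated router has decremented the TTL, because the mutable fields are excluded from the check value, while a single flipped payload bit is rejected; and the ESP receiver verifies the ICV before decrypting anything, so a forged or corrupted packet is dropped without the cipher ever running on attacker-controlled data.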
Customers need security to protect against illegal interception and third-party alteration, and to protect privacy and confidentiality, whether they have a single LAN or a VPN connected through multiple service providers. Motorola hides its networks from hackers by going through firewalls. We provide PSTN caller ID blocking for people (such as battered women) who do not want their identifications and locations known.
As Internet telephony is exploding, these issues are being addressed. While industry bodies are developing security standards, such as the IETF's IPSEC (which Motorola supports), other groups, including politicians and interested parties, are tackling the complex privacy issues.
When we talk about security, our "tool box" should include anything that stops an unauthorized party from "listening" and understanding our traffic. Encryption will play an important role, but it is only one element in our toolbox. This toolbox includes encryption algorithms (DES, Triple DES, MD4/5, RC4/5, etc.), data compression, firewalls, key exchange protocols (ISAKMP, IKE, PKI, proprietary), policy servers, proxy servers, access controls, authentication servers (RADIUS, PAP, CHAP, TACACS, etc.) and layer 2 and layer 3 tunneling protocols (IPSec, GRE, L2TP, L2F, PPTP, and the like).
Standards will be important for interoperability between vendors and service providers. However, the standards are still evolving. All elements are not yet available to provide end-to-end security in a multi-domain network like the Internet. Motorola believes that during this embryonic stage of Internet telephony and VPNs, most customers will want to manage their own secure networks and tunnels through vendor-proprietary security methods that provide a low-cost, straightforward upgrade path to support international standards when they become available.
Larry Breakwell, Product Manager, Motorola ING
Adequate security is imperative for Internet telephony to realize its full potential. If people doubt the security, and thereby hesitate to send confidential information over the Internet, the growth of key areas such as electronic commerce will be stunted. To ensure security, the issue must be addressed at every layer of the Internet, from physical to application. There are several security mechanisms available, including procedures and policy, passwords, encryption, router passwords, firewalls, packet filtering, and address translation gateways. In addition, different "tunneling" mechanisms provide secure access to corporate networks.
Three key areas needing attention are authentication, data privacy, and unmanaged-managed public key infrastructure (PKI). Encryption will play a vital role in ensuring the privacy of data and communication transmitted via Internet telephony. Without this, there can be no assurance of security. The Internet Engineering Task Force (IETF), in which Nortel Networks is a leader, has several groups working on Internet standards. The current working groups regarding security include Authenticated Firewall Traversal, Domain Name System Security, IP Security Protocol, One-Time Password Authentication, Public-Key Infrastructure, S/MIME Mail Security, Secure Shell, Simple Public Key Infrastructure, Transport Layer Security, Web Transaction Security, and the Open Specification For Pretty Good Privacy.
T.J. Fitzpatrick, President, Meridian Systems, Nortel Networks
While VoIP can save users money, users require security as well, especially over a public shared IP backbone or Virtual Private Network. Most businesses, in fact, will not deploy services that cannot be secured.
Cisco has successfully encrypted VoIP using IPSec, without the use of special "Cryptophones", on its VoIP-capable products. IPSec encryption creates encrypted IP tunnels across a public network. No IP data is ever passed in the clear.
Since the VoIP data is compressed by hardware, the router suffers no significant performance loss. The VoIP data is then encrypted like any other IP data using IPSec. Since VoIP is integrated into the router software, QoS mechanisms, such as IP Precedence, can be used to provide the lowest level of latency. Firewall technology can also be integrated in the same router, preventing Denial of Service attacks.
With a Service Level Agreement from a reliable service provider, users can utilize encrypted VoIP from Cisco to provide secure, reliable VoIP in a single router solution.
Stuart Phillips, product manager, Cisco IOS Security Internet Services Unit