[h323implementers] NSA H.323 surveilance

Paul E. Jones paulej at packetizer.com
Fri Mar 14 08:51:02 EDT 2014


There is no doubt that we need to improve security.  Most of the H.323 
and SIP networks follow a transitive trust model.  That wouldn't be so 
bad, except there appear to be multiple weaknesses with TLS 

Are they able to compromise a certificate without creating a bogus 
certificate?  Or are they using bogus certificates?  (The latter is 
actually trivial for them to do.  Most people would never recognize that 
a bogus certificate was employed.)

Both H.323, SIP, and the forthcoming H.325, we need to take additional 
steps to fight against MiTM attacks.  It's likely impossible to remove 
the transitive trust element, though.


------ Original Message ------
From: "Jan Willamowius" <jan at willamowius.de>
To: "openh323gk-users at lists.sourceforge.net" 
<openh323gk-users at lists.sourceforge.net>
Cc: h323implementers at lists.packetizer.com
Sent: 3/13/2014 12:04:18 PM
Subject: [h323implementers] NSA H.323 surveilance

>The Intercept just published a few very interesting slides how the NSA
>intercepts H.323 (and SIP and Skype) VoIP traffic:
>Notice how the HAMMERSTEIN component on page 4 "processes" the call
>signaling as man-in-the-middle. This would pretty much match the attack
>I have been warning about previously when I wrote "Why your AES
>encryption might be worth nothing".
>Another interesting fact seems to be that they targeted H.323 and SIP
>before taking on Skype (bottom of page 2).
>Jan Willamowius, Founder of the GNU Gatekeeper Project
>EMail : jan at willamowius.de
>Website: http://www.gnugk.org
>Support: http://www.willamowius.com/gnugk-support.html
>Relaxed Communications GmbH
>Frahmredder 91
>22393 Hamburg
>Geschäftsführer: Jan Willamowius
>HRB 125261 (Amtsgericht Hamburg)
>USt-IdNr: DE286003584

More information about the h323implementers mailing list