[liberationtech] AES-encyrpted telephony in Iran?
Nathan of Guardian
nathan at guardianproject.info
Wed Jun 13 04:09:30 PDT 2012
On 06/13/2012 01:24 AM, Naiz Mudin wrote:
> We must be prepared, in my country, to communicate with one another
> without fear of the govermnment having automatic access to our data, as
> is the case currently, whenever we (for example) use Skype VOIP outside
> of the country.
One question Naiz - are you using Skype on mobile phones today to
communicate, or only from desktops? Is this from 3G or wifi?
I ask because I think that it is important to that while PrivateGSM
software is technically very sound, there are some additional risks and
perhaps limitations when it comes to running VoIP, and even more so
secure VoIP, on a 3G network such as is available in Iran.
Skype is tolerated in many places in the world where encryption and VoIP
are considered illegal. Skype is allowed both because it is very
difficult to block (it uses many different IPs/hosts to connect in a
peer to peer like manner), but also because it is understood that most
people are using it to talk with family and conduct business.
If you use a VoIP system like PrivateGSM, or any SIP/RTP VoIP software,
it will look very different on the network than Skype. It will most
likely connect to one server, with a single IP address, for the SIP
portion (registration, call setup), and then it will stream the RTP
media stream through that same server. With secure VoIP that SIP stream
will be secured using SSL or TLS, the RTP media stream using something
like ZRTP or SRTP (basically the "AES encrypted" part you referenced).
If two people are calling each other using this service, it will be very
clear who is talking to whom and when. In some cases even, the RTP media
stream will stream directly between the two people/devices
communicating, clearly tying the two IP addresses together. If those IPs
are connected to a registered SIM card, then you see how this can be
With Skype, this is hidden in the cloud a bit more because there are
millions of people, though obviously Skype has many, many security
issues, and can suffer from this same direct IP-to-IP problem. Still,
Skype is tolerated, while Secure VoIP may not be.
Finally, there is another, more practical problem, which is speed or
"latency". Skype is really good at low bandwidth connections, while
Secure VoIP, mostly designed for enterprise/business use in the west, is
not. PrivateGSM is very good as Jacob mentioned, so it may be able to
adjust its call quality to the bandwidth/latency of your network, but
your expectations should be set a bit lower, and amount of patience of
your users higher... meaning, don't expect Skype simplicity and quality
liberationtech mailing list
liberationtech at lists.stanford.edu
Should you need to change your subscription options, please go to:
If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Should you need immediate assistance, please contact the list moderator.
Please don't forget to follow us on http://twitter.com/#!/Liberationtech
----- End forwarded message -----
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy