Andrea Cristofanini from PrivateWave has posted a hugely detailed howto explaining the process required to set up encrypted mobile to landline phone calls with Asterisk 1.8, Snom 300 and PrivateGSM Enterprise:
Here's a snippet from the introduction:
GSM has been cracked and and now mobile phone calls can be intercepted with cheap hardware and Open Source tools.
VoIP can be intercepted with simple windows point and click VoIP interception tool.
VoIP encryption protocols exists to protect from eavesdropping:
- SRTP does end-to-site voice encryption
- SDES does key exchange for SRTP
- SIP/TLS encrypt signaling channel over which SDES keys are exchanged
Till now Asterisk, the most used Open Source telephony engine, did not support it but Asterisk 1.8 finally supports SRTP voice encryption with SDES key exchange!
This howto explains the building of an integrated mobile to landline phone calling platform with:
- Asterisk 1.8 RC2
- PrivateGSM Enterprise for mobile secure calling (iPhone, Blackberry and Nokia S60)
- Snom 300 for landline secure calling
The procedures described below will guide you through the following steps:
1. Install Asterisk
2. Configure Asterisk
3. Configure Snom 300
4. Configure PrivateGSM Enterprise
5. Make secure calls
Please note that the security provided is end-to-site, that means that no one except the PBX system administrator can
eavesdrop in on the call.
If you need end-to-end security (typical government need) you need to use ZRTP that does end-to-end encryption.