Securing Telecommunications with Encryption
summary
I know you have been waiting for this and it’s finally here! May 17th is Voice Telecommunication day! One of the most common subjects raised, year after year, is how do we secure our telecommunication channels?
In the past, where telephone calls were placed over a land line (PSTN), the only security issue was to worry about surveillance by the telephone company, and anyone who physically intercepted the line between you and the person you are talking to.
While there are hardware devices and actual crypto-phones that can be used to safeguard your conversation, the devices come at a high price and with the move to mobile and internet communication, the effort & costs involved to install can be considered unnecessary.
The advance in telecommunication networks and the Internet have made communicating easier and more cost effective, but unfortunately have also made the interception of calls more rampant than it has ever been. Without taking extra steps to protect your privacy, every phone call is vulnerable to eavesdroppers.
If you’re using a mobile phone, your conversation is conducted over a broadcast channel, which is easier to intercept than a physical line. There are numerous protocols involved in mobile technology with the most common being GSM.
One thing that makes GSM special is its call encryption capability: it is designed to encrypt calls in between the handset and the local tower. Your GSM SIM card stores an encryption key, which is authenticated by your service provider (who has a copy of your key), at the nearest tower. The main problem with GSM is that the tower doesn’t check back, which means that anyone can create a ‘fake’ tower and intercept your call.
The GSM protocol dates back 30 years and the technology behind it, while still useful, is somewhat outdated. Fortunately Smart Phones support improved 3G or LTE standards, offering improved encryption and mutual authentication between your device and tower.
If you’re planning to deploy VoIP (Voice over Internet Protocol), or are already using it within your company, you firstly need to ensure that the data network you are using is secure. VoIP is vulnerable to all of the intrinsic security problems associated with IP and because VoIP transmits digitized voice as a stream of data, there is a risk of theft of private information by a hacker.
There are many technologies, hardware and software involved in a VoIP system (depending on your requirements), such as
- IP Phones- the end points that create and receive calls
- Communication server/router – responsible for provisioning, monitoring & administering
- Voice/Media Gateways – contains protocols that interconnect your VoIP system and facilitate calls between IP and analogue
Ensuring that they are secure is critical to keeping your network safe.
VoIP uses the Session Initiation Protocol (SIP) and the Real-time Transport Protocol (RTP) for call signaling and voice-message delivery, these protocols do not encrypt the data
Installing a Symantec SSL certificate on your VoIP server greatly enhances the security by encrypting the signals and securing the voice streams between your devices, preventing MITM (Man in the Middle) attacks and other compromises.
Secure your communications with a Symantec Premium SSL certificates and implement an additional layer of protection with its free malware and vulnerability scanning services.
Frequent scans of your server will help protect your networks from unwanted intrusions and help you proactively mitigate vulnerabilities.
In addition to the Malware and Vulnerability services that Symantec Premium SSL certificates offer, it also includes a free an ECC (Elliptic Curve Cryptography) certificate alternative at no additional cost. ECC certificates provide stronger security and increased server performance due to the shorter key lengths (e.g. 256 bit ECC key provides the same level of security as 3,072 RSA key). It also reduces computational overhead on the server’s resources. Enjoy the flexibility of being able to use a single SSL certificate that can secure multiple domain names by simply adding them onto the same certificate. These types of certificates are known as SAN certificates or Unified Communications (UC) certificates and are commonly used with Microsoft server products (MS Exchange Server, MS Lync server etc.).