The key purpose of ITV encryption is to avoid making a pattern of any sort. If you encrypt same text / packet 10 times you will get completely different encrypted text / packet each time. This happens due to the fact that the encryption key changes dynamically with each new encryption done, see the readme file for more details

https://github.com/mshary/itv/blob/master/README.md

Secondly with v2.0, it uses non-deterministic random source as well as auto-learning, so it can adopt to new symbols and words encountered while encrypting and update itself to use them. So technically, it can also be used for binary data such as RTP, however RTP uses UDP which has possibility of packet loss and thus not suitable for ITV encryption (at least for now, this is a hot discussion within my researchers circle and we are actively looking for a solution for this).

See release notes for v2.0 here,

https://github.com/mshary/itv/releases/tag/v2.0

Anyways, the current target is to use kamailio as SIP proxy and doubango as SIP client for iPhone and Android. Once it is achieved it will be available free / open source to public and then it can be actually tested against all possible voip blocking and sniffing scenarios which we hope it would be able to solve with minimal possible overhead. So far the prototype works pretty good in a few voip blocked countries and GSM operators where we have tested it.

Thank you.




On Wed, Jul 30, 2014 at 5:32 PM, Daniel Tryba <daniel@pocos.nl> wrote:
On Wednesday 30 July 2014 06:37:31 Muhammad Shahzad wrote:
> Humm, no reply so far, may be because my email was very long and no body
> bothered to read it all. Anyways, here is the shorter more direct version
> of it.

I read it all and my only though was: use a VPN.

If someone wants to stop SIP, it has an easy to spot pattern.
If someone wants to stop VPN, they will drop every non clear connection which
doesn't match a known non-VPN pattern.

If I was afraid of my telco listening in on my SIP dialogs, I'd also want to
encrypt RTP. Which is much more resource intensive than encrypting a few SIP
messages. So if you think standard tls is to intensive you'll also have to
create some custom lightweight rtp mangling.

_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users