Asterisk - Authentication via Key in ENUM

With the modified chan_sip it is possible to use a public key stored in a DNS record to authenticate the caller ID of an incoming call. In combination with ENUM, the DNS record is linked to the caller ID: the caller ID of the incoming call is used to request the DNS/ENUM record, and if a key is stored in the requested record, this key is used to authenticate the call. ENUM/Portunity authenticates each caller ID by calling the user back on the given number, so a user can store a key only under their own ENUM domain.

With this modification ENUM can be used for interconnection between several VoIP systems. The security of this approach depends on the security of the underlying DNS system. If a secure DNS system (DNSSEC or certified DNS entries) is used, the whole system can provide secure authentication between dynamically linked and previously unknown VoIP systems.

The idea is similar to SIP Identity [draft-ietf-sip-identity-04], with the difference that the key is stored and validated through ENUM. This means that no additional system or server is needed to validate and provide the key.
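The lookup-and-verify flow described above, shown in Go as an added example (it is not the thesis code or the modified chan_sip). The ENUM name derivation follows RFC 6116; Ed25519 as the signature scheme, the base64 record encoding, the `e164.arpa` suffix, the signed string, the names `enumName` and `verifyCaller`, and the in-memory map standing in for the DNS query are all assumptions.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"fmt"
	"strings"
)

// enumName maps an E.164 caller ID to its ENUM owner name (RFC 6116 digit reversal).
func enumName(callerID, suffix string) (string, error) {
	digits := strings.TrimPrefix(callerID, "+")
	if digits == "" || strings.Trim(digits, "0123456789") != "" {
		return "", fmt.Errorf("caller ID %q is not an E.164 number", callerID)
	}
	labels := make([]string, len(digits))
	for i := range digits {
		labels[len(digits)-1-i] = digits[i : i+1]
	}
	return strings.Join(labels, ".") + "." + suffix, nil
}

// verifyCaller fails closed: a missing record, a malformed key or a bad
// signature all leave the caller ID unauthenticated. records stands in for DNS.
func verifyCaller(records map[string]string, callerID string, signed, sig []byte) error {
	name, err := enumName(callerID, "e164.arpa") // suffix is an assumption
	if err != nil {
		return err
	}
	rec, ok := records[name]
	pub, err := base64.StdEncoding.DecodeString(rec) // assumed record encoding
	if !ok || err != nil || len(pub) != ed25519.PublicKeySize {
		return fmt.Errorf("no usable key stored under %s", name)
	}
	if !ed25519.Verify(pub, signed, sig) {
		return fmt.Errorf("signature does not match the key for %s", callerID)
	}
	return nil
}

func main() {
	// Constructed data: fixed-seed key pair, one ENUM record, one signed call.
	priv := ed25519.NewKeyFromSeed([]byte(strings.Repeat("k", ed25519.SeedSize)))
	pub := priv.Public().(ed25519.PublicKey)
	zone := map[string]string{"7.6.5.4.3.2.1.0.3.9.4.e164.arpa": base64.StdEncoding.EncodeToString(pub)}
	msg := []byte("sip:+49301234567|sip:bob@example.net|call-1")
	sig := ed25519.Sign(priv, msg)
	fmt.Println(verifyCaller(zone, "+49301234567", msg, sig)) // key owner: accepted
	fmt.Println(verifyCaller(zone, "+49309999999", msg, sig)) // no record: rejected
}
```

The map is the trust anchor here, which mirrors the dependency stated above: the check is only as strong as the integrity of the DNS answers that supply the key.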

 

Complete modified asterisk-running
Modified chan_sip for asterisk version 1.4.0
Diploma thesis with description of the system and the code