- Expiration Date (12B)
- Public Key (512b or 64B)
- Signature (1024b or 512B)
The signing agent is implicit and must be the same for all PHONE ADAPTER’s that intended to
communicate securely with each other. The public key of the signing agent is pre-configured into the
PHONE ADAPTER’s by the administrator and will be used by the PHONE ADAPTER to verify the
Mini-Certificate of its peer. The Mini-Certificate is valid if a) it has not expired, and b) its signature
checks out.
User Interface
The PHONE ADAPTER can be set up such that all outbound calls are secure calls by default, or not
secure by default. If outbound calls are secure by default, user has the option to disable security
when making the next call by dialing *19 before dialing the target number. If outbound calls are not
secure by default, user has the option to make the next outbound call secure by dialing *18 before
dialing the target number. On the other hand, user cannot force inbound calls to be secure or not
secure; it is at the mercy of the caller whether he/she enables security or not for that call.
If the call successfully switches to the secure mode, both parties will hear the “Secure Call Indication
Tone” for a short while and the CID will be updated with the Name and Number extracted from the
Mini-Certificate sent by the other party, provided CIDCW service and equipment are available: the
CID Name in this case will have a ‘$’ sign inserted at the beginning. The callee should check the
name and number again to ensure the identity of the caller. The caller should also double check the
name and number of the callee to make sure this is what he/she expects. Note that the PHONE
ADAPTER will not switch to secure mode if the callee’s CID Number from its Mini-Certificate does not
agree with the user-id used in making the outbound call: the caller’s PHONE ADAPTER will perform
this check after receiving the callee’s Mini-Certificate.
Service Provider Requirements
The PHONE ADAPTER Mini-Certificate (MC) has a 512-bit public key used for establishing secure
calls. The administrator must provision each subscriber of the secure call service with an MC and the
corresponding 512-bit private key. The MC is signed with a 1024-bit private key of the service
provider who acts as the CA of the MC. The 1024-bit public key of the CA signing the MC must also
be provisioned to each subscriber. The CA public key is used by the PHONE ADAPTER to verify the
MC received from the other end. If the MC is invalid, the PHONE ADAPTER will not switch to secure
mode. The MC and the 1024-bit CA public key are concatenated and base64 encoded into the single
parameter <Mini Certificate>. The 512-bit private key is base64 encoded into the <SRTP Private
Key> parameter, which should be hidden from the PHONE ADAPTER’s web interface like a
password.
Since the secure call establishment relies on exchange of information embedded in message bodies
of SIP INFO requests/responses, the service provider must maker sure that their infrastructure will
allow the SIP INFO messages to pass through with the message body unmodified.
Linksys provides a configuration tool called gen_mc for the generation of MC and private keys with
the following syntax:
gen_mc <ca-key> <user-name> <user-id> <expire-date>
Where:
- ca-key is a text file with the base64 encoded 1024-bit CA private/public key pairs for
signing/verifying the MC, such as
9CC9aYU1X5lJuU+EBZmi3AmcqE9U1LxEOGwopaGyGOh3VyhKgi6JaVtQZt87PiJINKW8XQj3B9Qq
© 2004 Linksys Proprietary (See Copyright Notice on Page 2)
55