SRTP on Acrobits Softphone and Groundwire.

About SRTP (Secure Real-time Transport Protocol)

UPDATE: SRTP is now available for iOS and Android.

SRTP is a way to encrypt the audio for your VoIP calls. Acrobits Softphone and Groundwire support two methods, SDES and ZRTP. SDES support is included for both incoming and outgoing calls. ZRTP support is included for incoming calls, but requires an in app purchase to use ZRTP for outgoing calls.

ZRTP is the latest in SIP call encryption and we believe it is the more secure option. But if call security is vital to you, we recommend you do your own research to decide which is right for you. You can start by checking out their Wikipedia pages below.

http://en.wikipedia.org/wiki/SDES

http://en.wikipedia.org/wiki/ZRTP

Here is a brief description of the important points of each method regarding use on Acrobits Softphone and Groundwire

SDES

A secure signaling channel is required to use SDES. This basically means that you will need to use the tls transport protocol. Since most SIP providers don't support tls as a transport protocol, this method will most likely only be available to those with their own PBX. A couple of notes. SDES is prone to man in the middle attacks (eavesdropping) and is largely dependent on the behavior of proxies along the SIP path. There may be hops between which the keys are transferred in clear text. Due to security concerns, SDES is also disabled for pushed calls.

ZRTP

ZRTP is a media path key exchange method for SRTP. It can be used to secure calls even when they are on insecure channels (e.g, you can use it with the udp transport protocol). Unlike SDES, it prevents eavesdropping opportunities at proxies. Important Note: Using Asterisk with ZRTP will require a patch. You can get it at the link below.

http://zfoneproject.com/prod_asterisk.html

Using SRTP

Full support for SDES is included in both Acrobits Softphone and Groundwire with no additional purchase. ZRTP requires an in app purchase to make outbound calls using ZRTP, but is already enabled for incoming calls so you can test it before you decide to purchase it.

To adjust the settings for SRTP, tap on settings, then SIP Accounts, then your SIP Account. Tap on advanced settings, then secure calls. SDES is listed first, we have separate settings for incoming calls and outbound calls. The different settings effect the behavior of Acrobits Softphone and Groundwire in the following way.

Incoming calls

Disabled: accepts only unencrypted calls

Enabled: accepts encrypted and unencrypted calls (default setting)

Required: accepts only encrypted calls

Outgoing calls

Disabled: makes unencrypted calls (default setting)

Best Effort: makes encrypted calls, but will accept if the other party responds with unencrypted response

Required: makes encrypted calls and requires encrypted response

To test ZRTP, make a call from one SIP account on another softphone that supports ZRTP to your SIP account on Acrobits Softphone. You can get a free softphone (Zfone) for your desktop that supports ZRTP at the link below.

http://zfoneproject.com/prod_zfone.html

If you are able to successfully place and receive the call, your provider works with ZRTP. Just go to add ons to purchase support for ZRTP for outbound calls. Then go to the advanced settings and tap on secure calls to adjust the settings for ZRTP. Like SDES, ZRTP has the following settings.