Session Initiation Protocol - Encryption

Encryption

The increasing concerns about security of calls that run over the public Internet has made SIP encryption more popular. Because VPN is not an option for most service providers, most service providers that offer secure SIP (SIPS) connections use TLS for securing signalling. The relationship between SIP (port 5060) and SIPS (port 5051), is similar to that as for HTTP and HTTPS, and uses URIs in the form "sips:user@example.com". The media streams, which occur on different connections to the signalling stream, can be encrypted with SRTP. The key exchange for SRTP is performed with SDES (RFC 4568), or the newer and often more user friendly ZRTP (RFC 6189), which can automatically upgrade RTP to SRTP using dynamic key exchange (and a verification phrase).

Read more about this topic:  Session Initiation Protocol