?
Solved

Voip and Communications Assistance for  Law Enforcement  Act

Posted on 2011-03-23
1
Medium Priority
?
315 Views
Last Modified: 2012-05-11
Hi:
I need help in resolving the following question:
I have a company which uses Voip which has a server with all the company user’s registered names. That server is used to set up each call by giving each participant the IP address of the other party. The actual phone calls are peer to peer encrypted links ( which do not go through any of  my servers, and the keys do not come from the company but, instead it comes from a Diffie Helman exchange).
My company is required to comply with the Communications Assistance for  Law Enforcement  Act (CALEA) for all calls to and from USA phones.
A)      How can my company determine if a phone call is being made in the USA?
B)      Where would the CALEA have to put the hardware or software to eavesdrop on the calls?


0
Comment
Question by:Sundayy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 40

Accepted Solution

by:
noci earned 2000 total points
ID: 35203367
The only way I can see is that you need some "Man in the middle" ...
for example a proxy server that is presented to both as the endpoint, on that endpoint you can log a conversation.
If you have a zrtp based connection this will not exactly work though. ( due to the missing end to end encryption)...
It might not even work in your case depending on the protocol around the DH exchange.
It might be sufficient to have the encrypted stream and a key to decode the data (if that is possible), then you just need a proxy that logs the raw stream (still a proxy in the middle) + a way to get the key.

This might be tough to undoable depending on the exact technology involved.
0

Featured Post

Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses
Course of the Month15 days, 10 hours left to enroll

741 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question