VoIP: SIP-over-TLS and sRTP: Akuvox

My Akuvox SP-R50 has the very same housing as my AudioCodes 405HD. However, internally, everything is different, even the power voltage. Often the wording (including wrong translations) of the menu items is exactly the same as Atcom, which is very much the same as Yealink. The company is active on Twitter, Facebook, and Google+, but firmware updates are not available for private individuals.

Last tested firmware

50.0.6.156
retested in May 2020 with 50.0.6.179

Configuration

Password: admin/admin
Web → Security
HTTPS: enabled by default
Update: Web → Upgrade
Trust Anchors: Web → Security → Advanced → Client Certificate
… Only Accept Trusted Certificates: Enabled (always enabled)
SIP-URI User: Web → Account → Account: 1 → Register Name
Web → Account → Account: 1 → User Name
Web → Account → Account: 1 → Display Name (otherwise empty)
SIP-URI Host: Web → Account → Account: 1 → Server IP: FQDN works
SIP-over-TLS: Web → Account → Account: 1 → Transport Type: TLS
SDES-sRTP: Web → Account → Advanced → Account: 1 → Voice Encryption(SRTP): Optional
‘Optional’ offers RTP/AVP with a crypto attribute

Software Bugs

SHA-2 Digest: when the challenge offers SHA-2, the phone does not pick MD5 and continues without an Authorization header, so it cannot register; therefore incompatible with Linphone
AES-256 sRTP: an AES-256 crypto suite is accepted although not supported; therefore no audio
DNS-SRV: only for UDP
DNS-NAPTR: only for UDP
Audio: G.726-32 has the wrong endianness
Mitigation: set ‘g726nonstandard=yes’ in your Digium Asterisk
Session Timers: broken; the sRTP ROC is reset on re-INVITE
Call Hold: broken; the sRTP ROC is reset on resume
Signaling DiffServ: does not work for TCP (and TLS), only for UDP
Audio DiffServ: 40 by default
Mitigation: Web → Network → Advanced → Voice QoS: 46

Security

Bugs: SDES-sRTP key with reduced entropy (keys observed were digits: 0-9),
SIP-over-TLS without authentication (no Hostname Validation),
padlock icon even without SIP-over-TLS,
missing TLS_ECDHE_[RSA|ECDSA]_WITH_AES_128_GCM_SHA256, and
Cipher Suites include RC4, Single-DES, EXPORT, and Anonymous (looks like OpenSSL 0.9.8)
Privacy: SIP messages contain the first three bytes of the MAC address (the manufacturer prefix)
Mitigation: Phone → Account → Advanced → User Agent
Responsible Disclosure: not available
Firmware Update: not available for end-users
missing Automation
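As an added check (not from the page, the phone or the manufacturer), the following Python parses the a=crypto lines of an SDP offer such as the phone sends with ‘Optional’ voice encryption and flags inline keys that consist only of digits, like the ones observed above; SAMPLE_SDP is a constructed offer, not a capture from the phone.

```python
import base64
import math
import re

# Expected length of the inline key||salt per SDES crypto suite (RFC 4568, RFC 6188).
KEY_SALT_LEN = {
    "AES_CM_128_HMAC_SHA1_80": 30, "AES_CM_128_HMAC_SHA1_32": 30,
    "AES_256_CM_HMAC_SHA1_80": 46, "AES_256_CM_HMAC_SHA1_32": 46,
}
# a=crypto:<tag> <suite> inline:<base64 key||salt>[|lifetime][|MKI:len] ...
CRYPTO_RE = re.compile(r"^a=crypto:(\d+)\s+(\S+)\s+inline:([A-Za-z0-9+/=]+)")


def audit_sdes_keys(sdp: str) -> list:
    """One finding per a=crypto line; 'weak' marks keys that cannot be full-entropy."""
    findings = []
    for line in sdp.splitlines():
        m = CRYPTO_RE.match(line.strip())
        if not m:
            continue
        tag, suite, b64 = m.groups()
        raw = base64.b64decode(b64)
        key_len = 32 if suite.startswith("AES_256") else 16     # AES key part, salt follows
        digits_only = all(0x30 <= b <= 0x39 for b in raw)        # every byte is '0'..'9'
        ascii_only = all(0x20 <= b < 0x7F for b in raw)          # every byte printable ASCII
        # A byte drawn from ten digits carries at most log2(10) ~ 3.3 bits instead of 8,
        # so a "128-bit" AES key made of digits has at most ~53 bits of entropy.
        max_key_bits = key_len * (math.log2(10) if digits_only else 8)
        expected = KEY_SALT_LEN.get(suite)
        findings.append({
            "tag": int(tag), "suite": suite, "key_salt_bytes": len(raw),
            "length_ok": expected is None or len(raw) == expected,
            "digits_only": digits_only, "max_key_bits": max_key_bits,
            "weak": digits_only or ascii_only or (expected is not None and len(raw) != expected),
        })
    return findings


def _b64(b: bytes) -> str:
    return base64.b64encode(b).decode("ascii")

# Constructed sample offer, not a capture: crypto tag 1 carries a digits-only key like
# those observed on the phone; tag 2 carries a binary key with a lifetime parameter.
SAMPLE_SDP = "\n".join([
    "v=0",
    "m=audio 11780 RTP/AVP 8 0 101",
    "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:" + _b64(b"123456789012345678901234567890"),
    "a=crypto:2 AES_CM_128_HMAC_SHA1_80 inline:"
    + _b64(bytes((i * 73 + 17) % 256 for i in range(30))) + "|2^20",
])

if __name__ == "__main__":
    print(audit_sdes_keys(SAMPLE_SDP))
```

Run it against the SDP body of a captured INVITE or 200 OK to see whether the offered key material is drawn from the full byte range.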

Miscellaneous

Model Range

Power Supply

5 V 1.5 A, Coaxial: 5.5 mm × 2.1 mm
