There are already several encrypted sip/rtsp clients around, porting one to maemo shouldn't be hard if it's not already done. For peer to peer, maybe just tunnel speex through dtls.

I think it will be hard to achieve real security (black suit level) with this type of device though. Too many layers in the software stack for bugs and exploits, too many radios to spew data, too much possibility of analog audio leaking out into the digital signal (this is a very serious concern with wired crypto devices, at least), plus issues like EM radiation from headset wires and weak encryption of Bluetooth, if you use headsets. Otherwise you have to get to the voice stream of the built in mic and speaker, and in some phones (dunno about the N900) that's rather difficult.

Overall a software secure phone can help against some types of attackers but if you are trying to do better than that, you need a hardware product. I know some people who made these in the past, though things are quiet now.