Study on SRTP and Design of Key Exchange for Secure VoIP
نویسندگان
چکیده
VoIP [6], [19], [25]是一種快速興起的技 術,其利用 IP (Internet Protocol) [7]技術來實現 新型的電話通訊。VoIP 透過語音信號數位化 處理、壓縮編碼等讓其於網路上傳輸;然後再 解壓縮,把數位信號還原成原音,來達到通話 的目的。VoIP 將聲音從傳送端到達目的端的 基本過程是:1.聲電轉換-透過裝置將聲波變 換為電信號;2.量化取樣-將模擬電信號按照 某種取樣方式(例如:脈衝編碼調製,即 PCM) 轉換成數位信號;3.製成封包-將一定時長數 位化後的語音信號組合,隨後,按照國際電聯 (ITU-T)的標準,這些語音數據被封裝到 RTP [2], [4]封包中,接著並進一步封裝到 UDP (User Datagram Protocol) [7]封包和 IP 封包 中;4.傳輸-IP 封包在 IP 網路由傳送端傳送 到目的端;5.接收封包並做電聲轉換。VoIP 技 術有別於傳統電話網路,例如,公眾交換電話 網 路 (Public-Switched Telephone Network, PSTN)使用線路交換(Circuit Switching)的技 術,它是使用分封交換(Packet Switching)的技 術來傳輸語音,而規範語音封包的協定則是 RTP。雖然 VoIP 技術可減少語音及資料通訊 的成本,但是網路上充斥著各種駭客攻擊,因 此有許多安全研究的議題及改進的空間。
منابع مشابه
Integrating Secure RTP into the Open Source VoIP PBX Asterisk
Implementations of Voice over Internet Protocol (VoIP) have focused, up to now, mainly on the need to transport data in real-time, often at the expense of security. The neglect of secure VoIP is often intentional, as developers are striving to minimise overheads and delays. The Secure Real-Time Protocol (SRTP) has the potential to secure real-time streams without exacting too high a performance...
متن کاملDesign of Secure VoIP using ID-Based Cryptosystem
SIP message authentication and SRTP key agreement are the important issue in the SIP-based VoIP service. Several secure solutions such as HTTP Digest Authentication, SSL/TLS, and S/MIME, are used for the SIP message authentication and key agreement. When the VoIP is used in the wireless environments, the efficiency of security service is one of the important matters in question. Therefore, we w...
متن کاملAnalysis of Secure Real Time Transport Protocol on VoIP over Wireless LAN in Campus Environment
In this research, we propose to implement Secure Real Time Transport Protocol (SRTP) on VoIP services in campus environment. Today, the deployment of VoIP in campus environment over wireless local area network (WLAN) is not considered on security during communication between two parties. Therefore, this study is to analyzed SRTP performance on different VoIP codec selection over wired. We have ...
متن کاملNew Novel Approaches for Securing VoIP Applications
SIP message authentication and SRTP key agreement are the important issue in the SIP-based VoIP service. Several secure solutions such as HTTP Digest Authentication, SSL/TLS, and S/MIME, are used for the SIP message authentication and key agreement. When the VoIP is used in the wireless environments, the efficiency of security service is one of the important matters in question. For the such ef...
متن کامل“Detecting Man in the Middle Attacks on Ephemeral Diffie-Hellman without Relying on a Public Key Infrastructure in Real-Time Communications”
With the recent revelations about pervasive surveillance on the Internet, there is renewed interest in techniques that protect against passive eavesdropping without relying on a Public Key Infrastructure (PKI). An ephemeral Diffie-Hellman (DH) key agreement can provide such protection, but (without authentication) the exchange is vulnerable to a Man in the Middle (MitM) attack. An example of a ...
متن کامل