Security and Non-Repudiation for Voice-Over-IP Conversations

This thesis presents a concept to achieve non-repudiation for natural language conversations by electronically signing continuous, packet-based, digital voice communication (VoIP). Signing a VoIP-based conversation means to protect the integrity and authenticity of the bidirectional data stream and its temporal sequence which together establish the security context of the communication. The solution is based on chains of hashes and continuously chained electronic signatures. The protection is provided continuously during the ongoing conversations, they are not processed at once like traditional digital documents which could be trivially signed. A possible implementation and necessary protocols are described to apply these concepts to SIP/RTP-based VoIP-communication. This provides a high level of inherent security and enables PKI-based non-reputable signatures over voice as true declarations of will, without additional witnesses and in principle between unacquainted speakers. As a demonstrator for these concepts, an efficient VoIP-archive securing the integrity of SIP-based two-party conversations was implemented.