| Graduate student: | 曾伊霆 Tseng, I-Ting |
|---|---|
| Thesis title: | Multimedia Internet Rekeying for Secure Session Mobility in Ubiquitous Mobile Networks |
| Advisor: | 黃崇明 Huang, Chung-Ming |
| Degree: | Master |
| Department: | College of Electrical Engineering and Computer Science, Department of Computer Science and Information Engineering |
| Year of publication: | 2008 |
| Academic year of graduation: | 96 |
| Language: | English |
| Number of pages: | 65 |
| Keywords (Chinese): | SRTP, Session Initiation Protocol session mobility, SIP REFER, BAN logic proof, key chain, rekeying, MIKEY, SIP |
| Keywords (English): | MIKEY, BAN logic, SIP REFER, Rekeying, Session Initiation Protocol (SIP), Key Chain, Session Mobility, SRTP |
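
In recent years, mobile communication systems have matured and developed rapidly, VoIP technologies have been widely discussed, and session mobility in particular has emerged as a new issue. This thesis focuses on security design: it uses MIKEY as the key management mechanism, and the keys negotiated by MIKEY are supplied to SRTP to encrypt, decrypt and authenticate the RTP session. In ubiquitous mobile networks, a user's important information, such as the user's private key, may remain on the previously used device. This arises in two situations: (1) the user transfers an ongoing session from the original device to another device; (2) the user moves a session that was initially established back from another device to the original device. The user may therefore leak information or be attacked by an adversary, and these problems are especially likely on public electronic devices. We therefore propose a rekeying method combined with a "Key Chain" protocol. We add a rekey mechanism to standard MIKEY (Multimedia Internet Keying) and call the result "MIRKEY" (Multimedia Internet Rekeying), so that trust in the user can be maintained even after the device changes. Our method satisfies multiple security requirements and resists various attacks and threats. Finally, we verify our method using BAN logic and present its performance analysis.
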
Session mobility is one of the new critical issues in the ubiquitous mobile networking environment. Session mobility lets a user move an ongoing multimedia session, e.g., Voice-over-Internet Protocol (VoIP), from the device in use to another device according to the user's demand. In Session Initiation Protocol (SIP)-based multimedia services supporting session mobility, SIP serves as the signaling control protocol to negotiate session control, whereas media is transmitted using the Real-time Transport Protocol (RTP). To secure multimedia sessions, Multimedia Internet Keying (MIKEY) is embedded in SIP signaling to negotiate security parameters for Secure RTP (SRTP), and SRTP is used to protect the media stream. Because session mobility transfers an ongoing multimedia session from one device to another, it raises a new security problem: sensitive parameters may remain on previous devices after the ongoing multimedia session has been transferred to the current device. Unfortunately, current MIKEY cannot address this security problem in session mobility. Therefore, we propose Multimedia Internet Rekeying (MIRKEY) for session mobility in the ubiquitous mobile networking environment. Since MIRKEY has rekey capability, each sensitive security parameter in MIRKEY is persistently refreshed, so sensitive parameters are operative only on the specific device. As a result, MIRKEY can solve the newly raised security problem in session mobility. Furthermore, we verify MIRKEY using Burrows-Abadi-Needham (BAN) logic.

This research is supported by the National Science Council of the Republic of China, Taiwan under the contract number NSC 96-2219-E-006-007.