
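Author: Kuo, Chia-Ming (郭嘉明)
Thesis title: VoIP security in session mobility (行動會議上網路電話安全之研究)
Advisor: Li, Jung-Shian (李忠憲)
Degree: Master
Department: College of Electrical Engineering and Computer Science - Institute of Computer & Communication Engineering
Year of publication: 2007
Academic year of graduation: 95
Language: Chinese
Number of pages: 60
Chinese keywords: transitive trust, Internet telephony
English keywords: MIKEY, SIP-Based VoIP, SRTP, transitive trust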
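  • In recent years, VoIP technologies have matured and their applications have become as widespread as traditional telephony. Because VoIP is voice communication over IP networks, it cannot avoid network security threats, so many network equipment vendors have gradually begun cooperating with security vendors in the hope of providing more secure and reliable VoIP calls. VoIP is mainly built on one of two protocols, H.323 or SIP (Session Initiation Protocol) [1]. H.323 was the earlier technology used to deploy VoIP on IP networks, but for VoIP its overall framing is too complicated, which greatly reduces efficiency in use; in addition, H.323 lacks extensibility for supporting VoIP signalling protocols.

    This thesis focuses on implementing SIP-based VoIP and examines the attacks that may be encountered in a session mobility environment. It integrates different hardware and software devices and different network environments so that, when a user switches communication devices (e.g. a notebook or PDA with different processing capabilities) or roams to a different network environment (e.g. Ethernet or WLAN), the peer does not perceive degraded call quality caused by delay, and no insecure situation such as attack or eavesdropping arises, thereby satisfying the conditions for transitive trust.

    We use the MIKEY protocol as a secure SRTP master key exchange mechanism, derive a session key from the exchanged master key, and use the session key to protect real-time voice transmission after the session is established. We compare and analyse, under three conditions (non-secure, pre-shared key exchange management, and certificate-based Diffie-Hellman (D-H) key exchange management), the effect on the invite processing delay, invite response delay and session mobility time delay that we define.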

    In recent years, VoIP has become a popular application as VoIP-related techniques have matured. Because VoIP is voice communication over IP networks, it faces network security threats. Therefore, many network device manufacturers have begun to work with security experts to provide more secure and reliable voice communication applications. VoIP mainly adopts the H.323 or SIP protocol. H.323 is the earlier technique; its frame is too complicated and it lacks scalability for VoIP.

    Our research establishes a secure SIP-based VoIP environment. We integrate various SIP-based soft phones over Ethernet and wireless local area networks (WLAN) for real-time voice applications. The aim is that users do not perceive degraded Quality of Service (QoS) or suffer security problems during session mobility, so that our system achieves transitive trust.

    We use the MIKEY protocol to achieve secure SRTP master key exchange, and then use a session key derived from the master key to protect real-time voice communication from eavesdropping or attack. Using our definitions of invite processing delay, invite response delay and session mobility time delay, we compare the effects of different key exchange mechanisms, such as pre-shared key exchange management and certificate-based Diffie-Hellman (D-H) key exchange management.

    Abstract (Chinese)
    Abstract
    Acknowledgements
    Table of Contents
    List of Tables
    List of Figures
    Chapter 1 Introduction
      1.1 Research background
      1.2 Research motivation
      1.3 Thesis organization
    Chapter 2 Literature Review
      2.1 Principles of SIP-based VoIP
        2.1.1 SIP-based VoIP protocol
        2.1.2 SIP-based VoIP security mechanisms
      2.2 MIKEY (Multimedia Internet KEYing) management mechanism
        2.2.1 Basic components and architecture
        2.2.2 Key transport and exchange methods
      2.3 SRTP (Secure Real-time Transport Protocol) mechanism
        2.3.1 Basic components and architecture
        2.3.2 Relationship between MIKEY and SRTP
        2.3.3 Session key generation and session security mechanisms
    Chapter 3 System Architecture
      3.1 Session mobility assumptions, scenarios and flows
      3.2 Building the digital certificate authority and issuing certificates
      3.3 Secure session mobility and discussion of attack scenarios
    Chapter 4 Building the Experimental Platform
      4.1 Description of the experimental environment
      4.2 Basic components and architecture
        4.2.1 Building the proxy server
        4.2.2 Building the CA (certificate authority)
        4.2.3 Building the UAC (user agent client)
    Chapter 5 Experiments and Analysis of Results
      5.1 UAC registration time with the proxy
      5.2 Session initiation time delay
      5.3 Session mobility time delay
        5.3.1 Scenario 1
        5.3.2 Scenario 2
    Chapter 6 Conclusion
    Chapter 7 Future Work
References

    [1] J. Rosenberg et al., "SIP: Session Initiation Protocol," IETF RFC 3261, June 2002.

    [2] J. Arkko et al., "Security Mechanism Agreement for SIP Session," <draft-ietf-sip-sec-agree-04.txt>, IETF RFC 3329, June 2002.

    [3] M. Baugher, D. McGrew, Cisco Systems, Inc., M. Naslund, E. Carrara, K. Norrman, "The Secure Real-time Transport Protocol (SRTP)," IETF RFC 3711, March 2004.

    [4] J. Arkko, E. Carrara, F. Lindholm, M. Naslund, K. Norrman, "MIKEY: Multimedia Internet KEYing," IETF RFC 3830, August 2004.

    [5] M. Thomas, "SIP Security Requirement," IETF Internet draft <draft-thomas-sip-sec-req-00.txt>, Nov 2001.

    [6] Andreas Steffen, Daniel Kaufmann, Andreas Stricker, "SIP Security," Security Group, CH-8401, 2004.

    [7] Stefano Salsano, Luca Veltri, Donald Papalilo, "SIP Security Issues: The SIP Authentication Procedure and its Processing Load," IEEE Network, November/December 2002.

    [8] Elthea T. Lakay, Johnson I. Agbinya, "Security Issues in SIP Signaling in Wireless Networks and Services," IEEE International Conference on Mobile Business, 2005.

    [9] Nilanjan Banerjee, Sajal K. Das, Arup Acharya, "SIP-based Mobility Architecture for Next Generation Wireless Networks," 3rd IEEE Int'l Conf. on Pervasive Computing and Communications, 2005.

    [10] Shun-Chao Huang, Zong-Hua Liu, Jyh-Cheng Chen, "SIP-Based Mobile VPN for Real-Time Applications," IEEE Communication Society/WCNC, 2005.

    [11] Wei Liang, Wenye Wang, "A Quantitative Study of Authentication and Qos in Wireless IP Networks," IEEE Computer and Communications Societies, March 2005.

    [12] Yuan Zhang, "SIP-based VoIP network and its interworking with the PSTN," Electronics & Communication Engineering Journal, December 2002.

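    [13] Kuo, Chia-Ming (郭嘉明), Li, Jung-Shian (李忠憲), "Adaptive security scheme in session mobility," National Symposium on Telecommunications (全國電信研討會), 2006.

    [14] 陳宏宇 (ed.), VoIP網路電話技術 (VoIP Internet Telephony Technology), 文魁資訊, 2005.

    [15] 戴江淮, 姜玲鳳 (eds.), 網路電話SIP原理與應用 (Internet Telephony: SIP Principles and Applications), 儒林, 2005.

    [16] 位元文化 (ed.), Visual C++ 2005 Express 入門進階 (Visual C++ 2005 Express: From Introductory to Advanced), 文魁資訊, 2005.

    [17] 賴溪松, 韓亮, 張真誠 (eds.), 近代密碼學及其應用 (Modern Cryptography and Its Applications), 旗標, 2003.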

    [18] http://www.iptel.org

    [19] http://mit.edu/sip/sip.edu/ser/shtml

    [20] http://lpi.indicator-online.net/mysql.html

    [21] http://www.ascc.sinica.edu.tw/nl/91/1818/02.txt

    [22] http://www.imacat.idv.tw/tech/sslcerts.html

    [23] http://www.minisip.org/

    [24] http://lists.minisip.org/pipermail/minisip-users/

    [25] http://linux.vbird.org/

    On campus: publicly available from 2008-07-13
    Off campus: publicly available from 2008-07-13