VoIP (Voice over Internet Protocol) is
considered to be the future replacement of
PSTN (Public Switched Digital Network), so
VoIP must be reliable, secure and efficient for
critical and sensitive operations such as
emergency lines, business lines, police and
Our goal is to improve VoIP security by
analysing threats in the VoIP system and finding a
solution that lets us block the threats found
in RTP (Real-time Transport Protocol)
and make the VoIP system more secure.
VoIP is a rapidly growing
Internet service that
VoIP has become one of
the most important
activities for Internet
Making VoIP available
and reliable has become
important for a big
segment of people.
Case study: we evaluate the enhancements in
security for different cases of attacks.
Test different security mechanisms to enhance the
Test different attack scenarios that may cause
DoS (Denial of Service).
Many attackers aim to bring the VoIP service
down; they may target the backdoors of
(RTP) to make (DoS) attacks on it.
So we need fully encrypted (RTP) packets, as
is done in (SRTP).
Most of these solutions require far more
advanced and expensive equipment and
infrastructure to be available to all users of
VoIP, and that cannot be the case if VoIP is
to be an available alternative to (PSTN).
Chapter One: Introduction to VoIP (Voice over
Chapter Two: Hands on Encryption in Different
Chapter Three: Overview of (AES) Advanced
Chapter Four: Threats and Attacks on VoIP.
Chapter Five: VoIP Requirements and Protocols
Chapter Six: Recent Trends In VoIP Security.
Chapter Seven: Proposed Model.
Chapter Eight: Conclusion and Future Work.
The control messages over (RTCP) and the stream
over (RTP) are sent over two different sockets. So
the delay due to the encryption of any of the
control messages will not affect the speed of the
The Reception Reports may be strongly
authenticated by encrypting the (SSRC) in the
Reception Report with the private key of the sender.
The rate of sending reception reports ensures an
interval between packets, so that encryption of
the reception reports is possible in this interval.
VoIP is a technology for transmitting and
managing voice information over Internet
Protocol. Instead of a traditional analog
telephone, phone calls can be placed with,
for example, a Windows PC and an IP network.
VoIP takes analogue audio signals and turns
them into digital signals, or packets.
VoIP is the process of converting the voice
into data, which is then carried over the Internet by
packet switching technology.
In addition, wireless in locations such as
airports, parks and cafes allows you to connect
to the Internet and may enable you to use VoIP
RTP / RTCP
The process of creating a session between two VoIP
parties: they start with the signaling protocol Session Initiation
Protocol (SIP), then they open a Real-time Transport Protocol
(RTP) session to start streaming.
VoIP provides a worldwide voice network through
already existing networks, so it provides wide area calls.
VoIP provides advanced features like video calls
and video conferences.
VoIP is a digital technology, so it is more secure
than analogue systems.
VoIP is cheap enough to open new segments such
as small business, home users and students, especially
for long-distance costs.
VoIP supports an optional Bluetooth phone,
Ethernet or Wi-Fi LAN.
Internet Protocol (IP)
IP is a routing protocol for the passing of data
Real Time Transport Protocol (RTP)
RTP is used to exchange media information
such as voice or video and provide end-to-end
Transmission Control Protocol (TCP)
TCP resides at layer four (transport layer) and
its function is to ensure that all packets are
delivered to the destination and at the correct
User Datagram Protocol (UDP)
UDP is a simpler protocol that confirms where a
packet is sent and a response is received.
RTP Control Protocol (RTCP)
RTCP is used to control aspects of RTP
An application may use these aspects to control
quality of service parameters, perhaps by
limiting flow, or using a different codec.
Data confidentiality which relates to the data being
kept safe and only disclosed to authorized parties
that can access the information.
The system being available for use when needed;
critical systems (financial,
banking, police records, military records) have to
remain available for use at all times.
The integrity of data comes from the data being
modified or destroyed by the appropriate personnel
Denial of Service (DoS)
A DoS attack is characterized by an attempt
by attackers to prevent actual users of a
service from using that service.
Attacks occur when a malicious user sends an
extremely large amount of random messages
to one or more VoIP end-points.
Data can be encrypted using a private (secret)
key; both the sender and the receiver must
know and use the same private key.
It is an encryption type that uses two keys. One
key is the (Public) key of someone and the
other key is the (Private) key, which is derived from
the public key.
This process occurs every session and takes
a long time, so a delay in transferring packets
Since symmetric encryption uses one public
key and no message delay occurs, it is our
encryption algorithm of choice to apply with a
Types of Symmetric Encryption
Data Encryption Standard (DES)
DES applies a (56-bit) key to each (64-bit) block
of data. The process can run in several modes
and involves (16 rounds) or operations.
Both the sender and the receiver must know
and use the same private key.
This method is the same process as DES, but
instead of a single round of encryption it is
reapplied to the ciphertext two extra times,
making it three times the power of ordinary DES.
The data is encrypted with the first key, decrypted
with the second key, and finally encrypted again
with the third key.
Triple DES runs three times slower than ordinary
DES, but it is much more secure if used properly.
Advanced Encryption Standard (AES)
AES algorithm is a symmetric block cipher that
can encrypt (encipher) and decrypt (decipher)
AES algorithm uses (128, 192, 256-bit) keys to
encrypt and decrypt a (128-bit) block
AES algorithm is based on permutations and
Permutations are re-arrangements of data, and
substitutions replace one unit of data with
Comparison of ciphertext and plaintext block
sizes of (DES), (3-DES), (AES)
[Table not recovered; surviving cells: Block size (bits); 112 or 156]
Advantages of AES
AES provides more security due to its larger block
size and longer keys: AES uses a 128-bit
fixed block size and works with 128, 192 and
256-bit keys.
AES is used in commercial applications
such as banking and financial transactions,
telecommunications, and private and Federal
After studying (VoIP), it is clear that (VoIP)
is a very important technology that is considered
to replace (PSTN).
The VoIP system still needs stronger
security techniques at this moment.
After studying some encryption algorithms,
we found that the (AES) encryption algorithm is the
(RTP) is not encrypted.
Any third party can easily become one of the members of
the session and can make (DoS) to the
Using a suitable encryption algorithm (AES), we can
encrypt the (SSRC) number and prevent any
attacker from reaching the members of the session.
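The (SSRC) discussed above travels unencrypted in the RTP fixed header. The following is an added example, not part of the original slides: it parses that header as laid out in RFC 3550 and drops packets that are malformed or whose SSRC the receiver did not negotiate. The function names, the session SSRC and the sample packets are constructed for illustration; because the SSRC is readable on the wire, this check only rejects random floods and does not authenticate the sender.

```python
import struct
from collections import Counter

# RTP fixed header (RFC 3550, section 5.1): V/P/X/CC, M/PT, sequence, timestamp, SSRC
RTP_FIXED_HEADER = struct.Struct("!BBHII")


def parse_rtp_header(packet: bytes) -> dict:
    """Return the fixed-header fields; raise ValueError on anything malformed."""
    if len(packet) < RTP_FIXED_HEADER.size:
        raise ValueError("shorter than the 12-byte RTP fixed header")
    b0, b1, seq, timestamp, ssrc = RTP_FIXED_HEADER.unpack_from(packet)
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    # Fixed header plus CSRC list; a header extension (X bit) is not parsed here.
    header_len = RTP_FIXED_HEADER.size + 4 * (b0 & 0x0F)
    if len(packet) < header_len:
        raise ValueError("truncated CSRC list")
    return {"payload_type": b1 & 0x7F, "sequence": seq,
            "timestamp": timestamp, "ssrc": ssrc, "header_len": header_len}


def filter_session(packets, expected_ssrcs):
    """Keep packets from negotiated sources; count what was dropped and why."""
    accepted, rejected = [], Counter()
    for packet in packets:
        try:
            header = parse_rtp_header(packet)
        except ValueError:
            rejected["malformed"] += 1
            continue
        if header["ssrc"] not in expected_ssrcs:
            rejected["unknown_ssrc"] += 1
            continue
        accepted.append(header)
    return accepted, rejected


def sample_packets(session_ssrc: int) -> list:
    """Constructed sample traffic: two valid session packets mixed with junk."""
    def rtp(ssrc, seq, first_byte=0x80):
        return RTP_FIXED_HEADER.pack(first_byte, 0, seq, 160 * seq, ssrc) + b"\x00" * 8
    return [rtp(session_ssrc, 1), rtp(0x0BADF00D, 7), rtp(session_ssrc, 2),
            b"\x80\x00", rtp(0x5EED5EED, 9), rtp(session_ssrc, 3, first_byte=0x40)]


if __name__ == "__main__":
    SESSION_SSRC = 0x1234ABCD  # assumed to be learned during session setup
    ok, dropped = filter_session(sample_packets(SESSION_SSRC), {SESSION_SSRC})
    print([h["sequence"] for h in ok], dict(dropped))
```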
AES was chosen for many reasons:
Suitable to work with VoIP
(AES) runs much faster than any other
encryption algorithm in both encryption and
(AES) is more secure due to working with
For future updates, another proposal can be made to
integrate all available security solutions into a crypto
package of our own, or to add the (SSRC) encryption
module as software in the VoIPsec package, making a
more advanced security infrastructure for our future
Another future reference is to implement (SSRC)
encryption in the core of the (RTP) protocol itself and
provide it as a new replacement for the currently
available (RTP) protocol instead of the demanding
(SRTP) protocol currently used by high-grade
security VoIP systems.