Published in: Technology, Business

  1. 1. A Proposed Model For Enhancing VoIP Security
  2. 2. VoIP (Voice over Internet Protocol) is considered the future replacement of the PSTN (Public Switched Telephone Network), so VoIP must be reliable, secure and efficient for critical and sensitive operations such as emergency lines, business lines, police and military lines. Our goal is to improve VoIP security by analysing the threats in a VoIP system and finding a solution that lets us block the threats found in RTP (Real-time Transport Protocol) and make the VoIP system more secure.
  3. 3. [Chart: end-of-year subscribers (households, million) and total consumer annual revenue (USD, million), 2004-2009.] VoIP is a rapidly growing Internet service that replaces telephony. VoIP has become one of the most important activities for Internet users. Making VoIP available and reliable has become important for a large segment of people.
  4. 4. Type: Qualitative. Approach: Case study; we evaluate the enhancements in security for different cases of attacks. Methods: Task observation. Test different security mechanisms to enhance the security level. Test different attack scenarios that may cause DoS (Denial of Service).
  5. 5. Many attackers aim to bring the VoIP service down; they may target the backdoors of (RTP) to make (DoS) attacks on it. So we need fully encrypted (RTP) packets, as is done in (SRTP). Since most of these solutions require far more advanced and expensive equipment and infrastructure to be available to all users of VoIP, and that cannot be the case, we need to make VoIP an available alternative to (PSTN).
  6. 6. Chapter One: Introduction to VoIP (Voice over Internet Protocol). Chapter Two: Hands on Encryption in Different Systems. Chapter Three: Overview of (AES) Advanced Encryption Standard. Chapter Four: Threats and Attacks on VoIP. Chapter Five: VoIP Requirements and Protocols Architecture. Chapter Six: Recent Trends In VoIP Security. Chapter Seven: Proposed Model. Chapter Eight : Conclusion and Future Work.
  7. 7. The control messages over (RTCP) and the stream over (RTP) are sent over two different sockets, so the delay due to encrypting any of the control messages will not affect the speed of the stream. The Reception Reports may be strongly authenticated by encrypting the (SSRC) in the Reception Report with the private key of the sender. The rate at which reception reports are sent ensures an interval between packets, so that encrypting the reception reports is possible within this interval.
  8. 8. VoIP is a technology for transmitting and managing voice information over Internet Protocol. Instead of a traditional analogue telephone, phone calls can be placed with, for example, a Windows PC and an IP network. VoIP takes analogue audio signals and turns them into digital signals, or packets. VoIP is the process of converting voice into data, which is then carried over the Internet by packet-switching technology.
  9. 9. In addition, wireless access in locations such as airports, parks and cafes allows you to connect to the Internet and may enable you to use VoIP service wirelessly.
  10. 10. [Diagram: Originating SIP UA, Call Control Logic, Answering SIP UA; links labelled Connect, SIP and RTP / RTCP.] The process of creating a session between two VoIP parties: they start with the signaling protocol, Session Initiation Protocol (SIP), then open a Real-time Transport Protocol (RTP) session to start streaming.
  11. 11. VoIP provides a worldwide voice network over already existing networks, so it provides wide-area calls. VoIP provides advanced features like video calls and video conferencing. VoIP is a digital technology, so it is more secure than analogue systems. VoIP is cheap enough to open new segments such as small businesses, home users and students, especially in long-distance costs. VoIP supports an optional Bluetooth phone, Ethernet or Wi-Fi LAN.
  12. 12. Internet Protocol (IP): IP is a routing protocol for the passing of data packets. Real-time Transport Protocol (RTP): RTP is used to exchange media information such as voice or video and provides end-to-end delivery services. Transmission Control Protocol (TCP): TCP resides at layer four (transport layer) and its function is to ensure that all packets are delivered to the destination and in the correct order.
  13. 13. User Datagram Protocol (UDP): UDP is a simpler protocol that confirms where a packet is sent and a response is received. RTP Control Protocol (RTCP): RTCP is used to control aspects of RTP sessions. An application may use these aspects to control quality-of-service parameters, perhaps by limiting flow or using a different codec.
  14. 14. Confidentiality: Data confidentiality relates to the data being kept safe and only disclosed to authorized parties that can access the information. Availability: The system being available for use when needed; critical systems (financial, banking, police records, military records) have to remain available for use at all times. Integrity: The integrity of data comes from the data being modified or destroyed by the appropriate personnel only.
  15. 15. Denial of Service (DoS): A DoS attack is characterized by an attempt by attackers to prevent actual users of a service from using that service. Attacks occur when a malicious user sends an extremely large number of random messages to one or more VoIP end-points.
  16. 16. Symmetric encryption: Data can be encrypted using a private (secret) key; both the sender and the receiver must know and use the same private key. Asymmetric encryption: An encryption type that uses two keys; one key is the (public) key of someone and the other is the (private) key, which is derived from the public key. This process occurs every session and takes a long time, so a delay in transferring packets occurs.
  17. 17. Since symmetric encryption uses one public key and no message delay occurs, it is our choice of encryption algorithm to apply to VoIP. Types of symmetric encryption: Data Encryption Standard (DES): DES applies a (56-bit) key to each (64-bit) block of data. The process can run in several modes and involves (16 rounds), or operations. Both the sender and the receiver must know and use the same private key.
  18. 18. Triple DES (3-DES): This method is the same process as DES, but instead of a single round of encryption it is reapplied to the ciphertext two extra times, making it three times the power of ordinary DES. The data is encrypted with the first key, decrypted with the second key, and finally encrypted again with the third key. Triple DES runs three times slower than ordinary DES, but it is much more secure if used properly.
  19. 19. Advanced Encryption Standard (AES): The AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information. The AES algorithm uses (128-, 192- or 256-bit) keys to encrypt and decrypt (128-bit) blocks of data. The AES algorithm is based on permutations and substitutions. Permutations are re-arrangements of data, and substitutions replace one unit of data with another.
  20. 20. Comparison of ciphertext and plaintext block sizes of (DES), (3-DES) and (AES). DES: plaintext block size 64 bits, ciphertext block size 64 bits, key size 56 bits. 3-DES: plaintext block size 64 bits, ciphertext block size 64 bits, key size 112 or 156 bits. AES: plaintext block size 128 bits, ciphertext block size 128 bits, key size 128, 192 or 256 bits.
  21. 21. Advantages of AES: AES provides more security due to its larger block size and longer keys; AES uses a fixed 128-bit block size and works with 128-, 192- and 256-bit keys. AES is used in commercial applications such as banking and financial transactions, telecommunications, and private and Federal information.
  22. 22. After studying (VoIP), it is clear that (VoIP) is a very important technology that is considered a replacement for (PSTN). VoIP systems at this moment still need stronger security techniques. After studying some encryption algorithms, we found that the (AES) encryption algorithm is the best one.
  23. 23. (RTP) is not encrypted. Any third party can easily become one of the members of a session and cause (DoS) to the actual users. Using a suitable encryption algorithm (AES), we can encrypt the (SSRC) number and prevent any attacker from reaching the members of the session. AES was chosen for many reasons: it is suitable to work with VoIP; (AES) runs much faster than any other encryption algorithm in both the encryption and decryption phases; (AES) is more secure due to working with (128, 192, 256)-bit keys.
  24. 24. For future updates, another proposal can be made to integrate all available security solutions into a crypto package of our own, or to add the (SSRC) encryption module as software in the VoIPsec package, making a more advanced security infrastructure for our future VoIP systems. Another future direction is to implement (SSRC) encryption in the core of the (RTP) protocol itself and provide it as a new replacement for the currently available (RTP) protocol instead of the demanding (SRTP) protocol currently used by high-grade security VoIP systems.
  25. 25. Thank you...
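
Slides 7 and 23 propose authenticating RTCP reception reports so that a third party cannot pose as a session member. The added example below (not code from the presentation) builds an RFC 3550 Receiver Report and protects it with a truncated HMAC-SHA256 tag over the whole packet, a swapped-in stand-in for the AES-based SSRC encryption the slides propose, because Python's standard library has no AES. The function names, the 10-byte tag length and the sample key are assumptions of this example.

```python
import hashlib
import hmac
import struct

RTCP_RR = 201   # RTCP packet type: Receiver Report (RFC 3550)
TAG_LEN = 10    # truncated tag length in bytes (assumption of this example)

def build_rr(sender_ssrc, source_ssrc, fraction_lost, cum_lost, highest_seq, jitter):
    """Build a Receiver Report with one report block (RFC 3550, section 6.4.2)."""
    header = struct.pack("!BBH", (2 << 6) | 1, RTCP_RR, 7)   # V=2, RC=1, 8 words - 1
    block = struct.pack("!IIIIII", source_ssrc,
                        (fraction_lost << 24) | (cum_lost & 0xFFFFFF),
                        highest_seq, jitter, 0, 0)           # LSR and DLSR left at 0
    return header + struct.pack("!I", sender_ssrc) + block

def _tag(packet, key):
    return hmac.new(key, packet, hashlib.sha256).digest()[:TAG_LEN]

def protect(packet, key):
    """Append a keyed tag computed over the whole report, SSRC included."""
    return packet + _tag(packet, key)

def verify_rr(data, key, session_ssrcs):
    """Return (sender_ssrc, fraction_lost, jitter) or raise ValueError."""
    if len(data) < 32 + TAG_LEN:
        raise ValueError("truncated report")
    packet, tag = data[:-TAG_LEN], data[-TAG_LEN:]
    if not hmac.compare_digest(tag, _tag(packet, key)):      # constant-time compare
        raise ValueError("authentication tag mismatch")
    first, ptype, words = struct.unpack("!BBH", packet[:4])
    if first >> 6 != 2 or ptype != RTCP_RR or (words + 1) * 4 != len(packet):
        raise ValueError("malformed receiver report")
    sender_ssrc, _source, lost, _seq, jitter = struct.unpack("!IIIII", packet[4:24])
    if sender_ssrc not in session_ssrcs:
        raise ValueError("SSRC is not a member of this session")
    return sender_ssrc, lost >> 24, jitter

def accepted(data, key, session_ssrcs):
    """True when the report verifies, False when it is rejected."""
    try:
        verify_rr(data, key, session_ssrcs)
        return True
    except ValueError:
        return False

if __name__ == "__main__":
    key = b"constructed-session-key"                         # constructed sample key
    report = protect(build_rr(0x1234ABCD, 0x0BADCAFE, 12, 40, 5000, 33), key)
    forged = build_rr(0x1234ABCD, 0x0BADCAFE, 255, 9000, 5000, 9000) + bytes(TAG_LEN)
    print(accepted(report, key, {0x1234ABCD}), accepted(forged, key, {0x1234ABCD}))
```

A deployment would also need a replay counter on each report, as SRTCP carries; this example omits it.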