Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2007.14-C.1.055

Evaluation of Security Protocols for the Session Initiation Protocol  

Cha, Eun-Chul (성균관대학교 컴퓨터공학과)
Choi, Hyoung-Kee (성균관대학교 정보통신공학부 컴퓨터공학과)
Publication Information
The KIPS Transactions:PartC / v.14C, no.1, 2007 , pp. 55-64 More about this Journal
Abstract
Behind the popularity of VoIP in these days, it may present significant security challenges in privacy and accounting. Authentication and message encryption are considered to be essential mechanisms in VoIP to be comparable to PSTN. SIP is responsible for setting up a secure call in VoIP. SIP employs TLS, DTLS or IPSec combined with TCP, UDP or SCTP as a security protocol in VoIP. These security mechanisms may introduce additional overheads into the SIP performance. However, this overhead has not been understood in detail by the community. In this paper we present the effect of the security protocol on the performance of SIP by comparing the call setup delays among security protocols. We implement a simulation of the various combinations of three security protocols and three transport layer protocols suggested for SIP. UDP with any combination of security protocols performs a lot better than the combination of TCP. TLS over SCTP may impose higher impact on the performance in average because TLS might have to open secure channels as the same number of streams in SCTP. The reasons for differences in the SIP performances are given.
Keywords
Session Initiation Protocol(SIP); Call setup delay; Network security; Signaling protocol;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Thomas J. Walsh and D. Richard Kuhn, 'Challenges in Securing Voice over IP,' IEEE Security & Privacy Magazine, Vol.3, iss. 3, May, 2005   DOI   ScienceOn
2 D. Harkins, and D. Carrel, 'The Internet Key Exchange (IKE),' IETF RFC 2409. Nov., 1998
3 I. D. Curio and M. Lundan, 'SIP Call Setup Delay in 3G Networks,' in Proc. 7th IEEE ISCC '02, July, 2002   DOI
4 Swapna S. Gokhale., 'Signaling Performance of SIP Based VoIP: A Measuremnet Based Approach,' Globecom 05', Vo1.2, Nov., 2005   DOI
5 G. Camarillo, R. Kantola, and H. Schulzrinne, 'Evaluation of transport protocols for the session initiation protocol,' IEEE Network, Vol.17, No.5, Oct., 2003   DOI   ScienceOn
6 (IMS); Stage 2(Realease 7),' 3GPP specification, June 2006
7 H. Fathi et al., 'On SIP Session Setup Delay for VoIP services Over Correlated Fading Channels,' IEEE Trans. Veh. Technol., Vol.55, No.1, Jan. 2006   DOI   ScienceOn
8 T. Eyers and H. Schulzrinne, 'Predicting internet telephony call setup delay,' in Proc. IP Telephony Workshop. Apr., 2000
9 T. Dierks, C. Allen, 'The Transport Layer Security (TLS) Protocol Version 1.1,' IETF RFC 4346, Apr., 2006
10 S. Salsano, L. Veltri, and D.Papalilo, 'SIP Security Issues: The SIP Authenication Procedure and its Processing Load,' IEEE Networks, Vol.16, No.6, Dec., 2002   DOI   ScienceOn
11 A. Jungmaier, E. Rescorla, and M. Tuexen, 'Transport Layer Security over Stream Control Transmission Protocol,' IETF RFC 3436, Dec., 2002
12 P. Metha and S Ubani, 'Voice over IP,' IEEE Potentials Magazine, Vol.20, Iss.4, Oct., 2001   DOI   ScienceOn
13 U. Varshney et al., 'Voice over IP,' Communications of the ACM, Vol.45, No.1, Jan., 2002
14 H. Schulzrinne and J. Rosenberg, 'The Session Initiation Protocol: Internet Centric Signaling', IEEE Communications Magazine, Vol.38, Iss.4, Oct., 2001
15 S. Kent, 'IP Authentication Header,' IETF RFC 4302. Dec., 2005
16 J. Rosenberg et al., 'SIP: Session Initiation Protocol,' IETF RFC 3261, June, 2002
17 M. Tuexen, C. Hohendorf, and E. Rescorla, 'Datagram Transport Layer Security for Stream Control Transmission Protocol,' IETF Internet Draft , Aug., 2006
18 S. Kent, and K. Seo, 'Security Architecture for the Internet Protocol,' IETF RFC 4301, Dec., 2005
19 S. Kent, 'IP Encapsulating Security Payload (ESP),' IETF RFC 4303. Dec., 2005
20 E. Kohler, M. Handley, and S. Floyd, Datagram Congestion Control Protocol (DCCP),' IETF RFC 4340, Mar., 2006
21 E. Rescorla, and N. Modadugu, 'Datagram Transport Layer Security,' IETF RFC 4347, Apr., 2006