• Journal of the Korea Society of Computer and Information
• /
• v.17 no.3
• /
• pp.113-120
• /
• 2012

VoIP provides voice data service using existing IP networks and has received much attention recently. VoIP service has a variety of security vulnerabilities. Types of main attacks on VoIP service are tapping/interception, DoS attacks, spam, misuse of service attacks and the like. Of these, confidential information leak because of tapping/interception has been considered as a critical problem. Encryption techniques, such as SRTP and ZRTP, are mostly used to prevent tap and intercept on VoIP media information. In general, VoIP service has two service scenarios. First, VoIP service operates within a single private network. Second, VoIP service operates between different private networks. Both SRTP and ZRTP for VoIP media information within a single private network can perform encryption. But they can not perform encryption between different private networks. In order to solve this problem, in this paper, we modify SRTP protocol. And then, we propose an encryption method that can perform encryption of VoIP media information between the different private networks.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.4
• /
• pp.87-96
• /
• 2013

In this paper, we suggest redesigned RTP protocol that is able to perform encryption of VoIP media information for single private network and between the different private networks. And we conduct a test for performance analysis. Such as SRTP or ZRTP methods have been used for VoIP media encryption. But, the existing encryption techniques have problem that can not perform end-to-end encryption between different private networks. In order to solve this problem, in this paper, we redesign RTP protocol. Redesigned RTP includes all information for encryption of VoIP media. Therefore the encryption is not affected by modification of SIP and SDP information that occurred in gateway. Also, redesigned RTP includes code for whether or not to apply encryption. By using the code, modification of RTP header from gateway prevents. As a result, redesigned RTP maintain the integrity and the RTP is able to perform encryption between the different private networks. Also, we conduct a test for performance analysis of SRTP, ZRTP and redesigned RTP.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.147-156
• /
• 2009

This paper proposes a SRTP key exchange scheme using split transfer of divided RSA public key in SIP-based VoIP environment without PKI. The existing schemes are hard to apply to real VoIP environment, because they require a PKI and certificates in the end devices. But in case of ZRTP. which is one of existing schemes, it's able to exchange SRTP Key securely without PKI, but it is inconvenient since it needs user's involvement. To solve these problems, the proposed scheme will split RSA public key and transmit them to SIP signaling secession and media secession respectively. It can defend effectively possible Man-in-The-Middle attacks, and it is also able to exchange the SRTP key without the user's involvement. Besides, it meets the requirements for security of SRTP key exchange. Therefore, it's easy to apply to real VoIP environment that is not available to construct PKL.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.3
• /
• pp.109-120
• /
• 2008

VoIP utilizes the Internet for the services, and therefore it is vulnerable to intrusions and attacks. Because provided services deal with information related to privacy of users, it requires high level security including authentication and the confidentiality/integrity of signaling messages and media streams. However, when such a protocol is implemented in a VoIP phone, the implementation can have limitations due to the limited resources. The present study purposed to implement VoIP security protocols and to evaluate their performance in terms of connection quality and voice quality by applying them to SIP proxy and UA (User Agent). In the result of performance evaluation, the application of the security protocols did not lower voice quality, but connection quality was high in the DTLS based security protocol. As the protocol was applicable to signaling and media paths based on DTLS, we found that it can be a solution for the limited resources of VoIP phone.