SECURITY CONSIDERATIONS IN CURRENT VOIP PROTOCOLS

Steffen Fries

2006

Abstract

This document describes current state of the art security functionality provided in the four mainly used and standardized Voice over IP (VoIP) signaling protocols, as there are the Session Initiation Protocol (SIP), H.323, Megaco, and the Media Gateway Control Protocol (MGCP). It outlines the security provided by the protocols itself or by dedicated security extensions including lower layer security protocols like Transport Layer Security (TLS) or IPSec. Moreover, vulnerabilities, which still remain in protocols or certain scenarios, are depicted as well. Furthermore discussed are also security approaches for the media data provided by the Secure Real-time Transport Protocol (SRTP) and associated key management schemes. Conclusions are given by identifying work areas, in which further security related work in the area of multimedia communication in general and VoIP in specific has to be done.

References

  1. Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M. and Schooler, E., 2002, RFC3261: SIP: Session Initiation Protocol
  2. ITU-T, 2003, H.323v5: Packet-based multimedia communications systems
  3. Greene, N., Ramalho, M. and Rosen, B., 2000, RFC2805: Media Gateway Control Protocol Architecture and Requirement,
  4. Arango, M., Dugan, A., Elliott, I., Huitema, C. and Pickett, S., 1999, RFC2705: Media Gateway Control Protocol Version 1.0
  5. Handley, M. and Jacobson, V., 1998, RFC2327: SDP: Session Description Protocol
  6. Schulzrinne, H., Casner, S., Frederick, R. and Jacobson, V., 2003, RFC3550: RTP: A Transport Protocol for Real-Time Applications
  7. Baugher, M., McGrew, D., Naslund, M., Carrara, E. and Norrman, K., 2004, RFC3711: The Secure Real-time Transport Protocol
  8. Arkko, J., Carrara, E., Lindholm, F., Naslund, M. and Norrman, K., 2004, RFC3830: MIKEY: Multimedia Internet KEYing
  9. ITU-T, 2005, H.235.0: Security framework for H-series
  10. Kuhn, D.R., Walsh, T.J. and Fries, S., 2005, Security Considerations for Voice over IP Systems, SP800-58, US NIST
Download


Paper Citation


in Harvard Style

Fries S. (2006). SECURITY CONSIDERATIONS IN CURRENT VOIP PROTOCOLS . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006) ISBN 978-972-8865-63-4, pages 183-191. DOI: 10.5220/0002098601830191


in Bibtex Style

@conference{secrypt06,
author={Steffen Fries},
title={SECURITY CONSIDERATIONS IN CURRENT VOIP PROTOCOLS},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)},
year={2006},
pages={183-191},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002098601830191},
isbn={978-972-8865-63-4},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)
TI - SECURITY CONSIDERATIONS IN CURRENT VOIP PROTOCOLS
SN - 978-972-8865-63-4
AU - Fries S.
PY - 2006
SP - 183
EP - 191
DO - 10.5220/0002098601830191