Comparison of IPsec to TLS and SRTP for Securing VoIP
Barry Sweeney, Duminda Wijesekera
2007
Abstract
With the IETF requirement to include Internet Protocol Security (IPsec) in every implementation of Internet Protocol version 6 (IPv6), it is prudent to consider IPsec as a viable protocol for securing IPv6 Voice over Internet Protocol (VoIP) sessions. This approach is currently inconsistent with the direction of industry, which has chosen Transport Layer Security (TLS) to secure the Session Initiation Protocol (SIP) packets and Secure Real-time Transport Protocol (SRTP) to secure the Real-time Transport Protocol (RTP) packets for VoIP sessions. A comparison of these two approaches is currently not available and this paper attempts to provide that comparison and discuss the advantages and disadvantages of each approach so that implementers and Information Assurance (IA) architects may make an informed decision. This paper is not necessarily an IA document, but is instead focused on the comparison of the two approaches based on many factors to include IA concerns.
References
- Alshamsi, A., and Saito, T., 2004, “A Technical Comparison of IPSec and SSL,” Tokyo University of Technology, 2004 Symposium on Cryptography and Information Security.
- Baugher, M., McGrew, D., Naslund, M., Carrara, E., and Norrman, K., “The Secure Realtime Transport Protocol,” RFC 3711, March 2004.
- Dierks, D., and Rescorla, E., “The Transport Layer Security (TLS) Protocol Version 1.1,” RFC 4346, April 2006.
- International Telecommunications Union, “H.323 - Infrastructure of audiovisual services - Systems and terminal equipment for audiovisual services,” June 2006.
- Kent, S., “IP Encapsulating Security Payload (ESP),” RFC 4303, December 2005.
- Orrblad, Joachim, “Alternatives to MIKEY/SRTP to Secure VoIP,” Telecommunications System Laboratory, KTH Microelectronics and Information Technology, http://www.minisip.org/publications/Thesis_Orrblad_050330.pdf, March 2005.
- Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and Schooler, E., “Session Initiation Protocol (SIP),” RFC 3261, June 2002.
- Stenbit, J., “Internet Protocol version 6 (IPv6),” Chief Information Officer Memorandum, 9 June 2003.
- “Wide Area Network (WAN) Generic System Specification (GSS)”, DoD Real-Time Services Working Group, March 2007.
- Vatn, J., Bilien, J., Eliasson, E., and Orrblad, J., “Secire VoIP: Call Establishment and Media Protection”, Royal Institute of Technology, Stockholm, Sweden.
- “Y.1541 - Series Y: Global Information Infrastructure, Internet Protocol Aspects and Next Generation Networks - Network Performance Objectives for IP-based Services”, International Telecommunication Union, February 2007.
Paper Citation
in Harvard Style
Sweeney B. and Wijesekera D. (2007). Comparison of IPsec to TLS and SRTP for Securing VoIP . In Proceedings of the 5th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2007) ISBN 978-972-8865-96-2, pages 82-92. DOI: 10.5220/0002433500820092
in Bibtex Style
@conference{wosis07,
author={Barry Sweeney and Duminda Wijesekera},
title={Comparison of IPsec to TLS and SRTP for Securing VoIP},
booktitle={Proceedings of the 5th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2007)},
year={2007},
pages={82-92},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002433500820092},
isbn={978-972-8865-96-2},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 5th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2007)
TI - Comparison of IPsec to TLS and SRTP for Securing VoIP
SN - 978-972-8865-96-2
AU - Sweeney B.
AU - Wijesekera D.
PY - 2007
SP - 82
EP - 92
DO - 10.5220/0002433500820092