Abstract
Voice networks evolved from the traditional telephone system, to mobile and wireless networks and now towards a converged voice and data infrastructure. This convergence is based on the spread of the Internet Protocol, where VoIP is developing. Due to IP network characteristics, hackers are able to compromise and take control of different aspects of IP telephony such as signaling information and media packets. Security and privacy become mandatory requirements for this application area. IP telephony requires security services such as confidentiality, integrity, authentication, non-replay and non-repudiation. The available solutions are generic and do not respect voice specificities and constraints. In this paper, we present the security mechanisms as provided in some voice networks, outline major security weaknesses in these different environments and end this paper by a proposition to secure voice over IP packets drawing inspiration from the existing voice security solutions.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Kent, S., Atkinson, R.: Security Architecture for the Internet Protocol. In: RFC 2401 (1998)
Brookson, C.: GSM (and PCN) Security and Encryption, http://gsmsecurity.com/papers.shtml
Lagrange, X., Godlewski, P., Tabbane, S.: Réseaux GSM, 5th edn. Hermes Sciences
Security in ISDN, http://csrc.nist.goc/publications/nistpubs/500-189/isdn4.ps
Dierks, T., Allen, C.: The TLS Protocol Version 1.0. In: IETF RFC 2246 (January 1999)
ITU-T H.323 v4, Packet-based multimedia communications systems (July 2003)
ITU-T H.235 v3, Security and encryption for H-Series multimedia terminals (August 2003)
ITU-T Recommendation H.235, Annex D - Baseline Security Profile
ITU-T Recommendation H.235, Annex E – Signature Profile
ITU-T Recommendation H.235, Annex F - Hybrid Security Profile
ITU Recommendation H.235, Annex I – H.323 Implementation Details
Morrow, R.: Bluetooth: Operation and Use, 1st edn. McGraw-Hill Professional, New York (2002)
Kent, S., Atkinson, R.: IP Authentication Header. In: IETF RFC 2402 (November 1998)
Handley, M., Schulzrinne, H., Schooler, E., Rosenberg, J.: SIP: Session Initiation Protocol. In: IETF RFC 2543 (March 1999)
Barbieri, R., Brushi, D., Rosti, E.: Voice over IPsec: Analysis and Solutions. In: 18th Annual Computer Security Applications Conference December 2002, San Diego California (2002)
Baugher, M., et al.: The Secure Real-time Transport Protocol. In: RFC 371 (March 2004)
IEEE 802.11, Available from http://grouper.ieee.org/groups/802/11/main.html
Schulzrinne, H., Casner, S., Frederick, R., Jacobson, V.: RTP: A transport Protocol for Real-Time Applications, draft-ietf-avt-rtp-news-12.ps (March 2003)
Pesonen, L.: GSM Interception, Helsinki University of Technology (November 1999)
Rose, G.: A precis of the new attacks on GSM encryption, Qualcomm Australia (September 2003)
NIST, Advanced Encryption Standard (AES), FIPS PUB (1997), http://www.nist.gov/aes
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bassil, C., Serhrouchni, A., Rouhana, N. (2005). Critical Analysis and New Perspective for Securing Voice Networks. In: Lorenz, P., Dini, P. (eds) Networking - ICN 2005. ICN 2005. Lecture Notes in Computer Science, vol 3421. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31957-3_91
Download citation
DOI: https://doi.org/10.1007/978-3-540-31957-3_91
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25338-9
Online ISBN: 978-3-540-31957-3
eBook Packages: Computer ScienceComputer Science (R0)