Class of 95 Master's Thesis - A Method for Implementing Authentication and Non-Repudiation over the RTP Protocol

施添登 - A Method for Implementing Authentication and Non-Repudiation over the RTP Protocol

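[ Abstract ]
With the rise of Internet telephony, business and home users can obtain integrated data and voice services over the Internet. Along with this, however, come network security issues that cannot be overlooked. According to a report in the American magazine Business Week, Internet telephony is no less susceptible to hackers and digital damage than any other network-based application.
Internet telephony widely uses the SIP (Session Initiation Protocol) standard and RTP (Real-time Transport Protocol), both defined by the IETF, to implement call signaling and media delivery. These applications run on top of TCP/UDP and therefore inherit the threats that traditional IP networks may face, such as confidentiality and authentication issues. As enterprises adopt Internet telephony and it becomes a channel for business communication, how to strengthen its non-repudiation so as to realize commercial value is another issue for Internet telephony applications. RFC3261 gives the SIP protocol security specifications for confidentiality and authentication, but providing an end-to-end security mechanism on the Internet still involves many issues that remain to be overcome and standardized. This research implements an information hiding technique with an error correction mechanism in the voice data carried over RTP and, by embedding a digital signature (DS), conveys identity information to achieve authentication and non-repudiation, thereby offering an optional security mechanism.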
[ English Abstract ]
As VoIP has become popular for corporations and individuals to exchange information and voice over the Internet, its convenience comes with security problems. According to Business Week, VoIP may be attacked by hackers just like other Internet applications.
VoIP implements call signaling and media data delivery with SIP (Session Initiation Protocol) and RTP (Real-time Transport Protocol), both established by the IETF. Since VoIP has the same background (TCP/UDP) as IP networks, confidentiality and authentication may be threatened as well. It is important to strengthen non-repudiation, especially when corporations use VoIP for business communications. RFC3261 has standardized confidentiality and authentication for SIP; however, problems remain to be solved in order to offer end-to-end security on the Internet. Therefore, my research suggests a security system that can implement authentication and non-repudiation on the RTP protocol. We utilize Error Correction and Information Hiding technology that can carry identification within voice data.