Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 A high grade secure VoIP using the TEA Encryption Algorithm By Ashraf D. Elbayoumy 2005 International Symposium on Advanced Radio Technologies Boulder,

Published byAlbert Bridges Modified over 9 years ago

Similar presentations

Presentation on theme: "1 A high grade secure VoIP using the TEA Encryption Algorithm By Ashraf D. Elbayoumy 2005 International Symposium on Advanced Radio Technologies Boulder,"— Presentation transcript:

1 1 A high grade secure VoIP using the TEA Encryption Algorithm By Ashraf D. Elbayoumy 2005 International Symposium on Advanced Radio Technologies Boulder, Colorado March 1, 2005

2 2 Voice over IP (VoIP) In recent years, we have witnessed a growing interest in the transmission of voice using the packet-based protocols. Voice over Internet protocol (VoIP) is a rapidly growing technology that enables the transport of voice over data networks such as the public Internet.

3 3 About Network Programming networks are organized as a series of layers (or levels) the rules to communicate are called protocol Examples of protocol: TCP, UDP, IP, Ethernet, HTTP the OSI reference model defines seven layers: Presentation Session Presentation Session Data Link Physical Data Link Physical usually not the concern of network programmers Network e.g. IP Transport e.g. TCP, UDP Application e.g. HTTP, FTP, SMTP

4 4 Socket Socket is the endpoints of a communication channel In Unix, the standard is BSD socket; in Windows, we use WinSock. WinSock basically follows the BSD socket standard, but there are some modifications. The latest version, Winsock 2, provides more support for various protocols. Two types of sockets SOCK_STREAM (TCP) SOCK_DGRAM (UDP) TCP is connection-oriented, reliable, … A stream socket works much like an input/output stream. UDP is connectionless, unreliable, send and receive in packets (may arrive out-of-order)

5 5 Typical Work Flow create socket bind close socket throw/receive datagram thru socket connectionless (SOCK_DGRAM, UDP) create socket bind close socket throw/receive datagram thru socket create socket bind wait for connection close socket r/w from socket create socket connect to peer close socket r/w from socket connection-oriented (SOCK_STREAM, TCP) accept connection

6 6 Programming Basics Things to fill in: protocol local IP address, local port remote IP address, remote port IP address is in the form 123.23.23.22 Choose a port: some well known ports for network programming, choose port number > 1024 Transport layer (de-multiplexing) packets arrive port 1port 2port N 111.222.33.4

7 7 The basic idea behind VoIP The user’s voice is converted from analogue form into a digital form, compressed and broken down into a series of packets (Packetisation). These packets are then routed through private or public IP networks from one user to another and reassembled and decompressed at the receiving side.

8 8 Quality of Service is fundamental to the operation of a VoIP network. Despite all the money VoIP can save users and the network elegance it provides, if it cannot deliver at least the same quality of call setup and voice relay functionality and voice quality as a traditional telephone network, then it will provide little added value.

9 9 Among the factors that degrade voice quality are end-to-end delay, packet loss, delay variation, or jitter, voice compression schemes (CODECs), echo cancellation algorithms.

10 10 In the case of voice transmission, the maximum acceptable delay in packet delivery for optimal voice quality is 150ms, which can be extended up to 200ms in case of encrypted communications.

11 11 The time spent by the CODEC, the device that performs the digitization process, may vary between 0.75-30ms, depending on the coding schemes adopted and the quality of the reproduced signal. The queuing delay (i.e., the time spent by a packet in the router buffers waiting for being routed) may add up to 30 ms. A further delay in the range of 40-70ms, called jitter delay, is introduced by buffering arriving packets so that they can be delivered at a uniform rate.

12 12 VoIP Security Security is a serious bottleneck for the future of VoIP (anyone with physical access to the office LAN can potentially connect network-monitoring tools and tap into telephone conversations). Because of the time-critical nature of VoIP most of the same security measures currently implemented in today’s data networks could not be used in VoIP networks.

13 13 VoIP Security Vulnerabilities Voice transport protocols RTP RTCP SCTP Signaling protocols and architecture SIP H.323 MEGACO MGCP

14 14 What’s at Risk? IP phones Core routers Media gateways SIP proxies Gatekeepers Location servers Switches VoIP-based firewalls Any equipment in VoIP infrastructure

15 15 Voice Data Convergence Multiplies Threats VoIP inherits IP data network threat models Reconnaissance, DoS, host vulnerability exploit, surveillance, hijacking, identity theft, misuse, etc. VoIP QoS requirements increase exposure to DoS attacks that affect: Delay, jitter, packet loss, bandwidth PCs = authentication; phones = any user User identity theft VoIP inherits PBX phone vulnerability Unauthorized access and privileges, service theft Device identity theft Malicious devices on IP network act like IP phones Reduced service availability, eavesdropping Inserting/Deleting/Modifying audio streams

16 16 Threats from Phreakers and Hackers Phreakers use phone system to: Gain free calls Disrupt system Fun Hackers use computer system to: Gain free services/products Denial of Service (DoS) Business Fun

17 17 Denial of Service Threat DoS venues Flood Abuse protocols Target devices IP phones (easy) Routers, switches (depends on equipment) Signaling gateways, media gateways, SIP proxies Any device in the path a call takes from a caller to a called party

18 18 Encryption Algorithms: DES 3DES IDEA BLOWFISH TEA

19 19 Two rounds of the TEA block cipher

20 20

21 21 Thank You

Download ppt "1 A high grade secure VoIP using the TEA Encryption Algorithm By Ashraf D. Elbayoumy 2005 International Symposium on Advanced Radio Technologies Boulder,"

Similar presentations

Addressing Security Issues IT Expo East 2011. Addressing Security Issues Unified Communications SIP Communications in a UC Environment.

Addressing Security Issues IT Expo East Addressing Security Issues Unified Communications SIP Communications in a UC Environment.
Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.

Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
Nicolas FISCHBACH Senior Manager, IP Engineering/Security - COLT Telecom - version 1.0 Voice over IP (VoIP)

Nicolas FISCHBACH Senior Manager, IP Engineering/Security - COLT Telecom - version 1.0 Voice over IP (VoIP)
Chapter 7: Transport Layer

Chapter 7: Transport Layer
Lecture 7 Transport Layer

Lecture 7 Transport Layer
1 © 2004, Cisco Systems, Inc. All rights reserved IP Telephony Security Cisco Systems.

1 © 2004, Cisco Systems, Inc. All rights reserved IP Telephony Security Cisco Systems.
Voice over IP and IP telephony Network convergence – Telephone and IT – PoE (Power over Ethernet) Mobility and Roaming Telco – Switched -> Packet (IP)

Voice over IP and IP telephony Network convergence – Telephone and IT – PoE (Power over Ethernet) Mobility and Roaming Telco – Switched -> Packet (IP)
Application layer (continued) Week 4 – Lecture 2.

Application layer (continued) Week 4 – Lecture 2.
4-1 Network layer r transport segment from sending to receiving host r on sending side encapsulates segments into datagrams r on rcving side, delivers.

4-1 Network layer r transport segment from sending to receiving host r on sending side encapsulates segments into datagrams r on rcving side, delivers.
Securing TCP/IP Chapter 6. Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP comprises a suite of four protocols The protocols.

Securing TCP/IP Chapter 6. Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP comprises a suite of four protocols The protocols.
Transmission Control Protocol (TCP) and Packet-Switching Hardware Devang Parekh EE290F 4/15/04.

Transmission Control Protocol (TCP) and Packet-Switching Hardware Devang Parekh EE290F 4/15/04.
5/3/2006 tlpham VOIP/Security 1 Voice Over IP and Security By Thao L. Pham CS 525.

5/3/2006 tlpham VOIP/Security 1 Voice Over IP and Security By Thao L. Pham CS 525.
Gursharan Singh Tatla Transport Layer 16-May-2011 1

Gursharan Singh Tatla Transport Layer 16-May
Lecturer: Tamanna Haque Nipa

Lecturer: Tamanna Haque Nipa
IT Expo SECURITY Scott Beer Director, Product Support Ingate +1-613-963-0933.

IT Expo SECURITY Scott Beer Director, Product Support Ingate
Voice over IP Fundamentals M. Arvai NEC Senior Technical Eng. 1.

Voice over IP Fundamentals M. Arvai NEC Senior Technical Eng. 1.
1 © 2005 Cisco Systems, Inc. All rights reserved. Cisco Public IP Telephony Introduction to VoIP Cisco Networking Academy Program.

1 © 2005 Cisco Systems, Inc. All rights reserved. Cisco Public IP Telephony Introduction to VoIP Cisco Networking Academy Program.
Data Communications and Networks

Data Communications and Networks
OSI Model Routing Connection-oriented/Connectionless Network Services.

OSI Model Routing Connection-oriented/Connectionless Network Services.

Similar presentations

Ads by Google