New security and control protocol for VoIP based on steganography and digital watermarking

In this paper new security and control protocol for Voice over Internet Protocol (VoIP) service is presented. It is the alternative for the IETF's (Internet Engineering Task Force) RTCP (Real-Time Control Protocol) for real-time application's traffic. Additionally this solution offers authentication and integrity, it is capable of exchanging and verifying QoS and security parameters. It is based on digital watermarking and steganography that is why it does not consume additional bandwidth and the data transmitted is inseparably bound to the voice content.Comment: 8 pages, 4 figures, 1 tabl

A secure archive for Voice-over-IP conversations

An efficient archive securing the integrity of VoIP-based two-party conversations is presented. The solution is based on chains of hashes and continuously chained electronic signatures. Security is concentrated in a single, efficient component, allowing for a detailed analysis.Comment: 9 pages, 2 figures. (C) ACM, (2006). This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in Proceedings of VSW06, June, 2006, Berlin, German

Non-Repudiation in Internet Telephony

We present a concept to achieve non-repudiation for natural language conversations over the Internet. The method rests on chained electronic signatures applied to pieces of packet-based, digital, voice communication. It establishes the integrity and authenticity of the bidirectional data stream and its temporal sequence and thus the security context of a conversation. The concept is close to the protocols for Voice over the Internet (VoIP), provides a high level of inherent security, and extends naturally to multilateral non-repudiation, e.g., for conferences. Signatures over conversations can become true declarations of will in analogy to electronically signed, digital documents. This enables binding verbal contracts, in principle between unacquainted speakers, and in particular without witnesses. A reference implementation of a secure VoIP archive is exhibited.Comment: Accepted full research paper at IFIP sec2007, Sandton, South Africa, 14-16 May 200

Multimedia congestion control: circuit breakers for unicast RTP sessions

The Real-time Transport Protocol (RTP) is widely used in telephony, video conferencing, and telepresence applications. Such applications are often run on best-effort UDP/IP networks. If congestion control is not implemented in these applications, then network congestion can lead to uncontrolled packet loss and a resulting deterioration of the user's multimedia experience. The congestion control algorithm acts as a safety measure by stopping RTP flows from using excessive resources and protecting the network from overload. At the time of this writing, however, while there are several proprietary solutions, there is no standard algorithm for congestion control of interactive RTP flows. This document does not propose a congestion control algorithm. It instead defines a minimal set of RTP circuit breakers: conditions under which an RTP sender needs to stop transmitting media data to protect the network from excessive congestion. It is expected that, in the absence of long-lived excessive congestion, RTP applications running on best-effort IP networks will be able to operate without triggering these circuit breakers. To avoid triggering the RTP circuit breaker, any Standards Track congestion control algorithms defined for RTP will need to operate within the envelope set by these RTP circuit breaker algorithms

VoIP Speech Encryption System Using Stream Cipher with Chaotic Key Generator

Abstract— Recently, with the development multimedia technologies and wireless telecommunication, Voice over Internet Protocol, becomes widely used in communication between connecting people, VoIP allows people that are connected to the local network or the Internet to make voice calls using digital connection instead of based on the analog traditional telephone network. The technologies of Internet doesn’t give any security mechanism and there is no way to guarantee that the voice streams will be transmitted over Internet or network have not been intercepted in between. In this paper, VoIP is developed using stream cipher algorithm and the chaotic cryptography for key generator. It is based on the chaotic maps for generating a one-time random key used to encrypt each voice data in the RTP packet. Chaotic maps have been used successfully for encryption bulky data such as voice, image, and video, chaotic cryptography has good properties such as long periodicity, pseudo-randomness, and sensitivity to initial conditions and change in system parameters. A VoIP system was successfully implemented based on the on ITU-T G.729 for voice codec, as a multimedia encoding of Real-time Transport Protocol payload data, then, apply a proposed methods to generate three-mixed logistic chaotic maps [1] and then analysis the encryption/ decryption quality measures for speech signal based this method. The experimental work demonstrates that the proposed scheme can provide confidentiality to voice data with voice over IP performance quality, minimum lost in transmitted packet, minimum average delay, and minimum jitter. Keywords: VoIP; Speech encryption; logistic chaotic map; G.729; QoS; RT

ONEChat: Enabling Group Chat and Messaging in Opportunistic Networks

Opportunistic networks, which are wireless network "islands" formed when transient and highly mobile nodes meet for a short period of time, are becoming commonplace as wireless devices become more and more popular. It is thus imperative to develop communication tools and applications that work well in opportunistic networks. In particular, group chat and instant messaging applications are particularly lacking for such opportunistic networks today. In this paper, we present ONEChat, a group chat and instant messaging program that works in such opportunistic networks. ONEChat uses message multicasting on top of service discovery protocols in order to support group chat and reduce bandwidth consumption in opportunistic networks. ONEChat does not require any pre-configuration, a fixed network infrastructure or a client-server architecture in order to operate. In addition, it supports features such as group chat, private rooms, line-by-line or character-by-character messaging, file transfer, etc. We also present our quantitative analysis of ONEChat, which we believe indicates that the ONEChat architecture is an efficient group collaboration platform for opportunistic networks

SECURING USER INTERACTION CHANNELS ON MOBILE PLATFORM USING ARM TRUSTZONE

Smartphones have become an essential part of our lives, and are used daily forimportant tasks like banking, shopping, and making phone calls. Smartphones provide several interaction channels which can be affected by a compromised mobile OS. This dissertation focuses on the user interaction channels of UI input and audio I/O. The security of the software running on smartphones has become more critical because of widespread smartphone usage. A technology called TEE (Trusted Execution Environment) has been introduced to help protect users in the event of OS compromise, with the most commonly deployed TEE on mobile devices being ARM TrustZone. This dissertation utilizes ARM TrustZone to provide secure design for user interactionchannels of UI input (called Truz-UI) and Audio I/O for VoIP calls (called Truz-Call). The primary goal is to ensure that the design is transparent to mobile applications. During research based on TEE, one of the important challenges that is encountered is the ability to prototype a secure design. In TEE research one often needs to interface hardware peripherals with the TEE OS, which can be challenging for non-hardware experts, depending on the available support from the TEE OS vendor. This dissertation discusses a simulation based approach (called Truz-Sim) that reduces setup time and hardware experience required to build a hardware environment for TEE prototyping