DOCSLIB.ORG

Pub-Et 12486.Pdf

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Pub-Et 12486.Pdf 1 MASTER THESIS QoS Estimation during Session Initiation of Video Streaming Session under the direction of Prof. Dr. Markuss Rupp DI Michal Ries Institut fur Nachrichtentechnik und Hochfrequenztechnik handed in Technischen Universitat Wien Fakultat fur Nachrichtentechnik und Hochfrequenztechnik by Iria Rodr´ıguez Escola T`ecnicaSuperior d´ Enginyeria de Telecomunicaci´ode Barcelona Universitat Polit`ecnicade Catalunya Matrikelnr: 0627627 Wien, July 2007 2 Executive Summary Executive Summary Purposes of the work The goal of this work is investigate the QoS provision mechanisms that can be used during the media session initialization, the translation of such mechanisms to Session Initiation Protocol an Session Description Protocol signalling and a physi- cal analysis task over an IMS testbed, that give rise to the knowledge of the current IMS deployment in this field. The steps followed to achieve this aim are divided in two different parts. The first part comprises a research study of 3GPP technical specifications and reports, recommendations, proposals, Request for Comments and all the literature involved. The second part deals with the comparison evalu- ation of theoretical supported and available mechanisms, architectures or designs in front of the physical development of all this aspects. The main contribution of this work is, therefore, an accurate State of Art about IMS QoS provision and a lack collection in the available IMS test tools. Organization of the work The outlines of the work have its basis on a decisive an deep research in the meaningful IMS signalling plane aspects and the IMS QoS Provision, with the final merging of both issues by means of Session Initiation Protocol and Session Description Protocol mechanisms for deal with media sessions ensuring QoS. In parallel, by means of the traffic generated in ftw's testbed and its proper analysis, is obtained a physical approach to the IMS QoS management. The confrontation of the two parts of the work reveals, finally, the current lacks and limitations (also due to the restrictions of the testbed itself) and makes feasible a suggestion phase for a proposal that ends in a new configuration of existing elements. Closes the work the set of conclusions that previous phases give rise to, just as other outputs that serve as subject for a new project/research. The final outline of the project and the chapters' organization is as follows: Executive Summary 3 Figure 1: Outline of the work 4 Contents Contents Executive Summary 2 Contents 4 List of Figures 9 List of Tables 11 I Research Work 13 1 Introduction 15 1.1 Outline: Understanding Concepts . 15 1.2 Perceptual QoS . 17 1.3 Multimedia Streaming Protocols . 18 1.3.1 Session Control: SIP . 18 1.3.2 Session Description: SDP . 18 1.3.3 Media Transport: RTP and RTCP . 19 1.4 Video Streaming Codecs over IMS . 20 1.4.1 H.263 . 21 1.4.2 MPEG-4 (Part 2) Simple Profile . 22 1.4.3 H.264 / MPEG-4 Part 10 AVC . 23 1.5 IMS Media Authorization . 24 1.6 End-to-End QoS Models: Resource Reservation . 24 1.6.1 Terminals Resource Reservation: PDP Context . 25 1.6.2 The Integrated Services Architecture: RSVP . 25 1.6.3 The Differential Service Architecture . 25 2 Video Session Initiation & QoS 27 2.1 Video Session QoS Requirements . 28 2.1.1 Key Performance Indicators . 30 5 6 Contents 2.2 General issues of end-to-end QoS . 31 2.2.1 Resource Check and IMS session setup . 31 2.3 QoS Concept and architecture in UMTS . 33 2.3.1 UMTS QoS Architecture . 34 2.3.2 UMTS Bearer Service Attributes . 35 2.4 Session setup procedures . 36 2.4.1 Codec negotiation . 38 2.4.2 Preconditions . 40 2.4.3 PDP Context Activation . 42 2.4.4 RSVP . 44 3 Policy-based QoS Control Scenario for IMS 47 3.1 Model for a policy-based network . 48 3.2 COPS Protocol over Go Interface . 50 3.3 The PEP in the GGSN . 50 3.3.1 Policy control: Requesting authorization . 51 3.3.2 Mapping/translation function . 52 3.4 Policy Decision Function (PDF) . 54 3.5 QoS Control Scenario for IMS Services . 55 4 SIP & SDP over IMS 57 4.1 SIP/SDP Overview . 57 4.1.1 SIP Overview . 57 4.1.2 SDP overview . 60 4.2 SIP/SDP and IMS . 62 4.2.1 Integration of Resource Management and SIP Preconditions RFC 3312 . 63 4.2.2 Media authorization RFC 3313 . 65 4.2.3 SDP Bandwidth Modifiers for RTCP Bandwidth (RFC 3556) . 66 4.2.4 Other extensions and constricts . 68 4.3 RTP/RTCP usage for video transport . 70 4.3.1 Picture Loss Indication . 71 4.3.2 Syncronization . 72 4.3.3 Video adaptation . 74 4.3.4 Video Bit Rate equalization in IMS - Circuit Switched interworking . 74 5 Session setup flows for QoS Provision 77 Contents 7 II Practical Work 91 6 Work environment 93 6.1 Previous: IMS Arquitecture . 94 6.2 Open Source IMS . 97 6.3 Looking for an IMS client . 102 6.4 Ethereal & SIP Scenario Generator . 104 6.4.1 Network Protocol Analyzer-tool: Ethereal . 104 6.4.2 Creating SIP Call Flows: SIP Scenario Generator . 105 7 Getting up and running the testbed 107 7.1 ftw testbed . 108 7.2 Client: IMS-Communicator . 108 7.2.1 Configuration . 108 7.2.1.1 Property: Preferred audio/video codec . 111 7.2.1.2 Transport protocol . 112 7.2.2 Starting the clients . 112 7.2.2.1 Registration . 112 7.2.2.2 Calling Process . 114 7.2.3 Other utilities . 114 7.3 Ethereal . 115 8 Testbed evaluation 117 8.1 Preconditions Support . 117 8.2 Codec Negotiation Procedures . 119 8.3 P-Access-Network-Info and Bandwidth Negotiation . 121 8.4 What is missing? . 121 8.5 Proposal:P-CSCF dealing with the precondition mechanism . 122 9 Conclusions 129 9.1 Achievements and Results . 129 9.2 Possible improvements . 130 III Appendix 131 A Summary: SIP & Session Negotiation 133 A.1 Preconditions (RFC 3312) . 133 A.2 Methods . 133 A.2.1 Options (RFC 3261) . 133 A.2.2 Negotiatie (Internet Draft) . 134 8 Contents A.3 Indicating User Agent Capabilities in the Session Initiation Protocol (SIP): SIP Capabilities (RFC 3840) & Caller Preferences for SIP (RFC 3841) . 134 A.4 SIP Headers . 136 A.4.1 P-Access-Network-Info (RFC 3455) . 136 A.4.2 P-Media Authorization (RFC 3313) . 136 A.4.3 Security Agreement (RFC 3329) . 137 A.5 SDP Simple Capability Declaration (RFC 3407) . 137 A.6 BW Negotiation . 138 A.7 Warning Codes (RFC 3261) . 138 B IMS-Communicator Configuration 145 B.1 Settings > Configure . 145 B.2 XML File . 155 C IMS-SIP Clients 161 D Captures & SIP Scenario Traces 165 D.1 Registration . 166 D.2 477 Error Message . 174 D.3 Basic Call: Alice − > Bob . 176 List of Abbreviations 200 Bibliography 204 List of Figures 1 Outline of the work . .3 2.1 UMTS QoS Arquitecture . 34 2.2 Basic video session flows . 37 2.3 Codec Negotiation . 39 2.4 Siganlling Flow using Preconditions . 41 2.5 PDP Context activation . 44 3.1 Functional entities involved in the policy-based QoS scenario . 49 3.2 QoS Control scenario for IMS . 56 4.1 Media Authorization Architecture . 65 5.1 General Flow . 78 5.2 (1) Invite . 79 5.3 (3) Invite . 80 5.4 Intermediate IM CN Subsystem entities flows . 81 5.5 Initial filter criteria . 82 5.6 (5) Invite . 83 5.7 (7) Invite . 84 5.8 (9) Session Progress . 85 5.9 (12) Session Progress . 86 5.10 (25) Update . 88 5.11 (29) 200 (OK) . 89 6.1 ims architecture . 94 6.2 Overview of IMS and NGN at FOKUS . 98 6.3 Open Source IMS Core in the Open IMS Playground . 99 6.4 Open Source IMS Core Components . 100 6.5 Ethereal panes . 104 6.6 Paquet details for a INVITE Request -Ethereal Capture- . 106 7.1 FTW testbed configuration . 108 9 10 List of Figures 7.2 IMS-Communicator: Registration . 113 7.3 FHoSS: User Profile . ..
Load more

Recommended publications
  • AUTHENTICATION TECHNIQUES for HETEROGENEOUS TELEPHONE NETWORKS by BRADLEY GALLOWAY REAVES a DISSERTATION PRESENTED to the GRADUA
    AUTHENTICATION TECHNIQUES FOR HETEROGENEOUS TELEPHONE NETWORKS By BRADLEY GALLOWAY REAVES A DISSERTATION PRESENTED TO THE GRADUATE SCHOOL OF THE UNIVERSITY OF FLORIDA IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF DOCTOR OF PHILOSOPHY UNIVERSITY OF FLORIDA 2017 © 2017 Bradley Galloway Reaves For Sarah ACKNOWLEDGMENTS Iamonlywritingthistodaybecauseofthemultitudeoffamily,friends,teachers,and colleagues who helped get me here. This journey began in high school, when Mrs. Reid, my English teacher, suggested that I would make a good college professor. I wasn’t sure about the idea until my second programming class in college. I loved programming, so I would do the lab assignments at home, then show up in the lab to demonstrate the project to the TA. My work for the week was done, but I didn’t leave the lab. Instead, I stayed for the next few hours helping other students when they needed help with the programming assignments. It became the best part of my week, and I realized that there was no career I wanted more than to be a professor of computing. Having a goal and knowing what it takes to achieve it are two very di↵erent things. At the time I knew I needed a PhD, but nothing of what it took to get one. Luckily, I had wonderfully supportive professors and advisors who told me what it took, and one in particular helped me take the first steps toward a research career. Tommy Morris was a new professor at Mississippi State, and after teaching my digital design class o↵ered me a (paid!) position in his research lab.
    [Show full text]
  • Analysis of Effect of Zfone Security on Video Call Service in Wireless Local Area Network
    International Journal of Computer Techniques -– Volume 6 Issue 6,November 2019 ANALYSIS OF EFFECT OF ZFONE SECURITY ON VIDEO CALL SERVICE IN WIRELESS LOCAL AREA NETWORK Arip Solehudin 1 Bayu Priyatna 2 Nono Heryana 3 Teknik Informatika Fakultas Ilmu Komputer School of Engineering and Computer Science Sistem Informasi Fakultas Ilmu Komputer Universitas Singaperbangsa Karawang Universitas Buana Perjuangan Karawang Universitas Singaperbangsa Karawang Karawang, Indonesia Karawang, Indonesia Karawang, Indonesia [email protected] [email protected] [email protected] Abstract—Along with the development of WLAN (Wireless VoIP LAN that uses cable began to move using wireless Local Area Network) network technology, many services that network technology, namely wireless. The use of wireless used cable networks began to migrate to wireless networks. networks as a medium for the flow of data makes VoIP VoIP (Voice over Internet Protocol) is one service implemented services can be used in several communication technology in wireless local area networks. However, VoIP that uses tools such as personal computers, laptops, and smartphones. wireless technology as a data stream media Video Call service has a high risk of tapping pictures. To avoid tapping pictures, The use of VoIP technology that is implemented on you can add a security system to the service, one of which is to WLAN networks with video call services found in VoIP use Zfone security. With him adding a security system that will facilities is an excellent solution for conducting influence the work of Video Call services on the quality of conversations at affordable costs compared to the VoIP service.
    [Show full text]
  • Zfone: a New Approach for Securing Voip Communication
    Zfone: A New Approach for Securing VoIP Communication Samuel Sotillo [email protected] ICTN 4040 Spring 2006 Abstract This paper reviews some security challenges currently faced by VoIP systems as well as their potential solutions. Particularly, it focuses on Zfone, a vendor-neutral security solution developed by PGP’s creator, Phil Zimmermann. Zfone is based on the Z Real-time Transport Protocol (ZRTP), which is an extension of the Real-time Transport Protocol (RTP). ZRTP offers a very simple and robust approach to providing protection against the most common type of VoIP threats. Basically, the protocol offers a mechanism to guarantee high entropy in a Diffie- Hellman key exchange by using a session key that is computed through the hashing several secrets, including a short authentication string that is read aloud by callers. The common shared secret is calculated and used only for one session at a time. However, the protocol allows for a part of the shared secret to be cached for future sessions. The mechanism provides for protection for man-in-the-middle, call hijack, spoofing, and other common types of attacks. Also, this paper explores the fact that VoIP security is a very complicated issue and that the technology is far from being inherently insecure as many people usually claim. Introduction Voice over IP (VoIP) is transforming the telecommunication industry. It offers multiple opportunities such as lower call fees, convergence of voice and data networks, simplification of deployment, and greater integration with multiple applications that offer enhanced multimedia functionality [1]. However, notwithstanding all these technological and economic opportunities, VoIP also brings up new challenges.
    [Show full text]
  • Online Security for Independent Media and Civil Society Activists
    Online Security for Independent Media and Civil Society Activists A white paper for SIDA’s October 2010 “Exile Media” conference Eric S Johnson (updated 13 Oct 2013) For activists who make it a priority to deliver news to citizens of countries which try to control the information to which their citizens have access, the internet has provided massive new opportunities. But those countries’ governments also realise ICTs’ potential and implement countermeasures to impede the delivery of independent news via the internet. This paper covers what exile media can or should do to protect itself, addressing three categories of issues: common computer security precautions, defense against targeted attacks, and circumventing cybercensorship, with a final note about overkill (aka FUD: fear, uncertainty, doubt). For each of the issues mentioned below, specific ex- amples from within the human rights or freedom of expression world can be provided where non-observance was cata- strophic, but most of those who suffered problems would rather not be named. [NB Snowden- gate changed little or nothing about these recommendations.] Common computer security: The best defense is a good … (aka “lock your doors”) The main threats to exile media’s successful use of ICTs—and solutions—are the same as for any other computer user: 1) Ensure all software automatically patches itself regularly against newly-discovered secu- rity flaws (e.g. to maintain up-to-date SSL certificate revocation lists). As with antivirus software, this may cost something; e.g. with Microsoft (Windows and Office), it may re- quire your software be legally purchased (or use the WSUS Offline Update tool, which helps in low-bandwidth environments).
    [Show full text]
  • SPAM Over Internet Telephony and How to Deal with It
    SPAM over Internet Telephony and how to deal with it Diploma thesis - Rachid El Khayari Supervisor: Prof. Dr. Claudia Eckert, Dr. Andreas U. Schmidt, Nicolai Kuntze Fraunhofer Institute for Secure Information Technology ’O misery, misery, mumble and moan! Someone invented the telephone, And interrupted a nation’s slumbers, Ringing wrong but similar numbers.’ Ogden Nash (1902 - 1971 / USA) 2 Acknowledgements I want to thank • Prof. Dr. Claudia Eckert for giving me the opportunity to work on this thesis. • Dipl. Inform Nicolai Kuntze and Dr. Andreas U. Schmidt for their great support and trust into my work. • my whole family including my parents Mohamed and Yamina, my brother Soufian, my brother Samir and his wife Nadya, my little niece Sara and last but not least my best friend Inesaf and all others who supported me on my way. 3 Affidavit I hereby declare that the following diploma thesis "SPAM over Internet Telephony and how to deal with it" has been written only by the undersigned and without any assistance from third parties. Furthermore, I confirm that no sources have been used in the preparation of this thesis other than those indicated in the thesis itself. Place, Date Signature 4 Introduction In our modern society telephony has developed to an omnipresent service. People are avail- able at anytime and anywhere. Furthermore the Internet has emerged to an important com- munication medium. These facts and the raising availability of broadband internet access has led to the fusion of these two services. Voice over IP or short VoIP is the keyword, that describes this combina- tion.
    [Show full text]
  • Metody Zajisteni Bezpecnosti Voip Provozu Open Source
    VYSOKÉ U ČENÍ TECHNICKÉ V BRN Ě BRNO UNIVERSITY OF TECHNOLOGY FAKULTA ELEKTROTECHNIKY A KOMUNIKA ČNÍCH TECHNOLOGIÍ ÚSTAV TELEKOMUNIKACÍ FACULTY OF ELECTRICAL ENGINEERING AND COMMUNICATION DEPARTMENT OF TELECOMMUNICATIONS METODY ZAJIŠT ĚŠTENÍ BEZPE ČNOSTI VOIP PROVOZU OPEN SOURCE PBX SECURITY PROVISIONS OF VOIP TRAFFIC IN OPEN SOURCE PBX DIPLOMOVÁ PRÁCE MASTER´S THESIS AUTOR PRÁCE BC. JAROSLAV CHALÁS AUTHOR VEDOUCÍ PRÁCE Ing. PAVEL ŠILHAVÝ, Ph.D. SUPERVISOR BRNO 2010 3 4 ANOTACE Hlavným dôvodom vytvorenia licencie a programu Open Source je vo ľné šírenie zdrojového kódu aplikácii a programov samotných. Ke ďže ide o verejne prístupný bezplatný projekt, upgrade a podporu majú na starosti dobrovoľne príslušné komunity. Aj preto je použitie a samotná implementácia mnohokrát závislá na ďalších vo ľne prístupných nástrojoch a knižniciach, čo mnohokrát bráni v jednoduchosti inštalácie. Vytvoreniu úspešného spojenia pomocou VoIP predchádzajú dve fázy. Prvou je nevyhnutná signalizácia, ktorá spolupracuje so signaliza čnými protokolmi ako H.323 alebo SIP. Okamžite po dohode podmienok hovoru, ktorými sú šifrovanie, hlasový kodek, porty a pod., nastáva druhá fáza, ktorou je prenos hlasu. Teoretická čas ť práce je venovaná protokolom SIP, H.323, MGCP, RTP a IAX, zabezpe čeným možnostiam prenosu signalizácie a dátovej časti hovoru, v podobe bezpe čnostných metód SIPS, SRTP, ZRTP a IPsec. Táto čas ť práce taktiež predstavuje a približuje Open Source ústred ňu Asterisk a pojednáva o jej možnostiach, prednostiach a podpore v komunite. Priblížil som vlastnosti a hlavné rysy jednotlivých podporovaných verzií a predstavil jednotlivé možnosti útokov na VoIP systém, spolu s vo ľne dostupnými a hlavne funk čnými nástrojmi na generovanie takýchto útokov. Praktická čas ť práce je zameraná na možnosti generovania týchto experimentálnych útokov na jednotlivé časti VoIP systému s definovaním dosiahnutého výsledného efektu.
    [Show full text]
  • Protecting Privacy and Freedom Online with FOSS
    Protecting Privacy and Freedom Online with FOSS Presented By Steven Arbitman Starbits Studios, Inc. www.starbits.com For FOSSCON 2012 Copyright (c) 2012 by Steven Arbitman Protecting Privacy and Freedom Online with FOSS by Steven Arbitman, Starbits Studios, Inc. is licensed under a Creative Commons Attribution-ShareAlike 3.0 United States License. Who Has Privacy? Criminals, Major Corporations, Governments, basically everyone but NOT YOU! Good news: Findings reveal that 91 percent of U.S. online adults worry about their privacy. Bad news: it may be worse than you think. Good news: - you can be private, for free, with little effort and no technical knowledge. Why Bother? I have nothing to hide. ● Postcards or Envelopes - Which would you use? If You Have Nothing To Hide From Saturday Morning Breakfast Cereal, Zach Weiner http://www.smbc-comics.com/index.php? db=comics&id=2434 Who Is Watching? ● Criminals ● Cyber-activists ● Corporations ● Governments "It will feel like data has a life of its own. With the massive amount of sensors we have littering our lives and landscapes, we’ll have information spewing from everywhere. Our cars, our buildings, and even our bodies will expel an exhaust of data, information, and 1s and 0s at an incredible volume." The Secret Life of Data in the Year 2020 By Brian David Johnson They Know Where You Are - Geolocation ● Federal, state, and local law enforcement agencies have made over 1.3 million demands for user cell phone data in the last year, "seeking text messages, caller locations and other information." The New York Times called the new findings proof of "an explosion in cellphone surveillance" ● Civilian GPS tracking $150 - $500 ● Solutions? Detectors, Wave Bubble, GPS Spoofers ● EZ-Pass, traffic cameras, drone aircraft, RFID Privacy Invasions - Examples ● Comcast blocking file sharing ● Target and teen pregnancy – store cards ● Lower Merion – laptop cameras ● Government Invasions of Privacy The NSA ● AT&T “Secret Room” revealed in 2006 ● Former NSA employes William E.
    [Show full text]
  • Safety on the Line Exposing the Myth of Mobile Communication Security
    Safety on the Line Exposing the myth of mobile communication security Prepared by: Supported by: Cormac Callanan Freedom House and Hein Dries-Ziekenheiner Broadcasting Board of Governors This report has been prepared within the framework Contacts of Freedom House/Broadcasting Board of Governors funding. The views expressed in this document do not FOR FURTHER INFORMATION necessarily reflect those of Freedom House nor those of PLEASE CONTACT: the Broadcasting Board of Governors. Mr. Cormac Callanan July 2012 Email: [email protected] Mr. Hein Dries-Ziekenheiner Email: [email protected] 2 Safety on the Line Exposing the myth of mobile communication security Authors CORMAC CALLANAN HEIN DRIES-ZIEKENHEINER IRELAND THE NETHERLANDS Cormac Callanan is director of Aconite Internet Solutions Hein Dries-Ziekenheiner LL.M is the CEO of VIGILO (www.aconite.com), which provides expertise in policy consult, a Netherlands based consultancy specializing development in the area of cybercrime and internet in internet enforcement, cybercrime and IT law. Hein security and safety. holds a Master’s degree in Dutch civil law from Leiden University and has more than 10 years of legal and Holding an MSc in Computer Science, he has over 25 technical experience in forensic IT and law enforcement years working experience on international computer on the internet. networks and 10 years experience in the area of cybercrime. He has provided training at Interpol and Hein was technical advisor to the acclaimed Netherlands Europol and to law enforcement agencies around the anti-spam team at OPTA, the Netherlands Independent world. He has worked on policy development with the Post and Telecommunications Authority, and frequently Council of Europe and the UNODC.
    [Show full text]
  • Traffic Analysis Attacks on Skype Voip Calls Ye Zhu Cleveland State University, [email protected]
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by EngagedScholarship @ Cleveland State University Cleveland State University EngagedScholarship@CSU Electrical Engineering & Computer Science Faculty Electrical Engineering & Computer Science Publications Department 7-1-2011 Traffic Analysis Attacks on Skype VoIP Calls Ye Zhu Cleveland State University, [email protected] Huirong Fu Oakland University Follow this and additional works at: https://engagedscholarship.csuohio.edu/enece_facpub Part of the Digital Communications and Networking Commons How does access to this work benefit oy u? Let us know! Publisher's Statement NOTICE: this is the author’s version of a work that was accepted for publication in Computer Communications. Changes resulting from the publishing process, such as peer review, editing, corrections, structural formatting, and other quality control mechanisms may not be reflected in this document. Changes may have been made to this work since it was submitted for publication. A definitive version was subsequently published in Computer Communications, 34, 10, (07-01-2011); 10.1016/j.comcom.2010.12.007 Original Citation Zhu, Y., , & Fu, H. (2011). Trafficn a alysis attacks on Skype VoIP calls. Computer Communications, 34(10), 1202-1212. doi:10.1016/ j.comcom.2010.12.007 Repository Citation Zhu, Ye and Fu, Huirong, "Traffic Analysis Attacks on Skype VoIP Calls" (2011). Electrical Engineering & Computer Science Faculty Publications. 50. https://engagedscholarship.csuohio.edu/enece_facpub/50 This Article is brought to you for free and open access by the Electrical Engineering & Computer Science Department at EngagedScholarship@CSU. It has been accepted for inclusion in Electrical Engineering & Computer Science Faculty Publications by an authorized administrator of EngagedScholarship@CSU.
    [Show full text]
  • Wiretapping End-To-End Encrypted Voip Calls: Real-World Attacks on ZRTP
    Preprint Version, Accepted for Publication in PoPETS 2017; 2017 (3):1–17 Dominik Schürmann*, Fabian Kabus, Gregor Hildermeier, and Lars Wolf Wiretapping End-to-End Encrypted VoIP Calls: Real-World Attacks on ZRTP Abstract: Voice calls are still one of the most com- saging apps, such as WhatsApp and Facebook Messen- mon use cases for smartphones. Often, sensitive personal ger [10, 36]. As a result, mobile messaging, the most information but also confidential business information popular smartphone feature, finally includes end-to-end is shared. End-to-end security is required to protect encryption for average users. Comparing their security against wiretapping of voice calls. For such real-time features with that of voice calls shows a major imbal- communication, the ZRTP key-agreement protocol has ance. While making voice calls is the second most popu- been proposed. By verbally comparing a small number lar smartphone feature with 93% popularity [25], its se- of on-screen characters or words, called Short Authenti- curity is often neglected. It is difficult to retrofit the tra- cation Strings, the participants can be sure that no one ditional Public Switched Telephone Network with end- is wiretapping the call. Since 2011, ZRTP is an IETF to-end security, but it is feasible to protect users of mod- standard implemented in several VoIP clients. ern Voice over IP (VoIP) apps. In this paper, we analyzed attacks on real-world VoIP To protect real-time communication channels, the systems, in particular those implementing the ZRTP ZRTP key agreement protocol has been proposed. Based standard. We evaluate the protocol compliance, er- on the Diffie-Hellmann (DH) key exchange, it has been ror handling, and user interfaces of the most common standardized in 2011 as RFC 6189 [38].
    [Show full text]
  • Traffic Analysis Attacks on Skype Voip Calls Ye Zhu Cleveland State University, [email protected]
    Cleveland State University EngagedScholarship@CSU Electrical Engineering & Computer Science Faculty Electrical Engineering & Computer Science Publications Department 7-1-2011 Traffic Analysis Attacks on Skype VoIP Calls Ye Zhu Cleveland State University, [email protected] Huirong Fu Oakland University Follow this and additional works at: https://engagedscholarship.csuohio.edu/enece_facpub Part of the Digital Communications and Networking Commons How does access to this work benefit oy u? Let us know! Publisher's Statement NOTICE: this is the author’s version of a work that was accepted for publication in Computer Communications. Changes resulting from the publishing process, such as peer review, editing, corrections, structural formatting, and other quality control mechanisms may not be reflected in this document. Changes may have been made to this work since it was submitted for publication. A definitive version was subsequently published in Computer Communications, 34, 10, (07-01-2011); 10.1016/j.comcom.2010.12.007 Original Citation Zhu, Y., , & Fu, H. (2011). Trafficn a alysis attacks on Skype VoIP calls. Computer Communications, 34(10), 1202-1212. doi:10.1016/ j.comcom.2010.12.007 Repository Citation Zhu, Ye and Fu, Huirong, "Traffic Analysis Attacks on Skype VoIP Calls" (2011). Electrical Engineering & Computer Science Faculty Publications. 50. https://engagedscholarship.csuohio.edu/enece_facpub/50 This Article is brought to you for free and open access by the Electrical Engineering & Computer Science Department at EngagedScholarship@CSU. It has been accepted for inclusion in Electrical Engineering & Computer Science Faculty Publications by an authorized administrator of EngagedScholarship@CSU. For more information, please contact [email protected]. Traffic analysis attacks on Skype VolP ca ll s Ye Zhu a ...
    [Show full text]
  • Online Conversation Application with Confidentiality, Anonymity
    Online conversation application with confidentiality, anonymity, and identity requirements Pedro Fernandes1 and Ant´onioPinto2 1 GCC, CIICESI, ESTG, Polit´ecnico do Porto, Portugal [email protected] 2 GCC, CIICESI, ESTG, Polit´ecnicodo Porto and CRACS & INESC TEC, Porto, Portugal [email protected] Abstract. The increase in usage of smartphones and the ubiquity of In- ternet access have made mobile communications services very attractive to users. Messaging services are among the most popular services on the Internet. In recent years, this services started to support confidentiality and anonymity. A recurrent problem with the existing messaging solu- tions is their lack of resistance to impersonation attacks. The proposed solution addresses the impersonation problem, without neglecting user confidentiality and anonymity, by forcing users to exchange the required cryptographic material among themselves. Moreover, this exchange must use a proximity communication technology, forcing the users to physi- cally meet. Keywords: Impersonation; Anonymity; Online conversation. 1 Introduction The increase in usage of smartphones and the ubiquity of Internet ac- cess have made mobile communications services very attractive to users. Messaging services being among the most popular because these of its availability, functionality and lower costs of communication. In partic- ular, these services make international communications free, if the user already has Internet connectivity, and very attractive due to functional- ities as the use of emoji or photo and video sharing. In recent years, these messaging services started to support end-to-end (E2E) encryption in order to protect the transmitted content from eaves- dropping when used over unsafe communication channels. In E2E encryp- tion, the messages are encrypted at the source terminal, sent through the network, and decrypted only at the destination terminal.
    [Show full text]