San Jose State University SJSU ScholarWorks Master's Projects Master's Theses and Graduate Research 2010 Security in Peer-to-Peer SIP VoIP Richa Marwaha San Jose State University Follow this and additional works at: https://scholarworks.sjsu.edu/etd_projects Part of the Computer Sciences Commons Recommended Citation Marwaha, Richa, "Security in Peer-to-Peer SIP VoIP" (2010). Master's Projects. 160. DOI: https://doi.org/10.31979/etd.hum3-25xy https://scholarworks.sjsu.edu/etd_projects/160 This Master's Project is brought to you for free and open access by the Master's Theses and Graduate Research at SJSU ScholarWorks. It has been accepted for inclusion in Master's Projects by an authorized administrator of SJSU ScholarWorks. For more information, please contact [email protected]. Security in Peer-to-Peer SIP VoIP A Writing Project Presented to the Faculty of the Department of Computer Science San José State University In Partial Fulfillment of the Requirements for the Degree Master of Science by Richa Marwaha September 2010 1 Abstract VoIP (Voice over Internet Protocol) is one of the fastest growing technologies in the world. It is used by people all over the world for communication. But with the growing popularity of internet, security is one of the biggest concerns. It is important that the intruders are not able to sniff the packets that are transmitted over the internet through VoIP. Session Initiation Protocol (SIP) is the most popular and commonly used protocol of VoIP. Now days, companies like Skype are using Peer-to-Peer SIP VoIP for faster and better performance. Through this project I am improving an already existing Peer-to-Peer SIP VoIP called SOSIMPLE P2P VoIP by adding confidentiality in the protocol with the help of public key cryptography. 2 Contents 1. Abstract …………………………………………………………………………….2 2. Introduction ………………………………………………………………………..6 2.1 Existing Architectures in VoIP………………………………………….7 2.1.1H.323 Architecture ………...................................................7 2..1.1.1H.323 Protocol ……….....................................................7 2.1.1.2H.225 Protocol……….....................................................10 2.1.1.3H.245 Signaling ………..................................................12 2.2 SIP Architecture ………………………………………......................13 3. Peer-to-Peer VoIP……………………………………………………………….15 3.1 Introduction……………………………………………………………..15 3.2 Structure Overlay/Distributed Hash Tables ………………………...15 3.3 Chord Algorithm………………………………………………………..16 3.3.1 Chord ……………………………………………………………...16 3.3.2 Finger Table……………………………………………………....16 3.3.3 Predecessor Peer …………………………………....................16 3.3.4 Successor Peer…………………………………………………...16 3.3.5 Hash Algorithm and Identifier…………………………………....16 3.3.6 DHT Linker Header………………………………......................16 3.3.7 Link Type and Depth Value……………………………………...16 3.4 Chord Overlay Algorithm……………………………………………..19 3.4.1 Finger Table, Predecessor Peer, and Successor Peer………20 3.5 Peer-to-Peer Overlay Structure………………………………………...20 3 3.6 Session Establishment………………………………………………….20 4. Initial Proposal ……………………………………………………………………20 5. Security Threats…………………………………………………………………..22 5.1 Security Threats in VoIP………………………………………………...22 5.2 Security Threats in SIP………………………………………………….23 6. SOSIMPLE: A Serverless, Standard-based P2P SIP VoIP…………………24 6.1 Introduction……………………………………………………………….24 6.2 Background Challenges………………………………………………...25 6.2.1 SIP and SIMPLE…………………………………………………...25 6.2.2 Scenarios Requiring a New Approach……………………………25 6.3 Requirements…………………………………………………………….25 6.4 SOSIMPLE P2P SIP VoIP Architecture……………………………….26 6.4.1 Structure and Message…………………………………………...26 6.4.2 Node-Level Operation ……………………………………………27 6.4.3 User Operation ……………………………………………………28 6.4.5 Security and Authentication ……………………………………..28 7. My Approach……………………………………………………………………….29 7.1 Improvement over Existing Protocol…………………………………...29 7.2. Security and User Authentication……….……………… 8.Implementation………………………………………………………………..…...32 9. Performance Graphs………………………………………………………….......41 10. Kademlia Algorithm in SOSIMPLE …………………………………………..42 11. Comparison between Chord and Kademlia…………………………………45 4 12. Conclusion…..…………………………………………………………………..46 13. Appendix ………………………………………………………………………..46 14. Future Work …………………………………………………………………….47 15. References ……………………………………………………………………....47 5 2. Introduction Voice over Internet protocol (VoIP) is used to transmit voice communications over the Internet using IP packets. Voice –-- > ADC ––-- > INTERNET –-- > DAC ––- > Voice (Source) (Analog to (Digital to (Destination) Digital Convertor) Analog Convertor) Figure 1. VoIP functionality The following are the steps to set up VoIP: 1. We convert the analog voices into digital signal (Bits) using Analog Digital Convertor (ADC). 2. After the conversion, the digital signals have to be compressed and in a good format; there are many protocols that can be used to transmit these bits. 3. Here the voice packets must be inserted into data packets using a real- time protocol. 4. A signaling protocol is needed to call users. 5. At the receiver end, the data packets are disassembled, extracted, converted back to the analog signal. 6. Everything is done at real-time as the users cannot wait too long for a vocal answer. Voice)) ADC ––-Compression Algorithm –-Assembling RTP in TCP/IP | | ––––--> <––––- | Voice (( DAC –--Decompression - -- Disassemble Algorithm RTP from TCP/IP Figure 2: Base Architecture 6 2.1 Different Architectures of VoIP 2.1.1 H.323 Architecture 2.1.1.1 H.323 Protocol H.323 protocol is one of the first multimedia conferencing protocols that includes voice, video, and data conferencing. H.323 protocol uses packet-switching network. This architecture was one of the first standards for VoIP because of its complex design; it is not as popular as SIP architecture. It has a client/server model in which there is a gateway and a gatekeeper. The sessions created using H.323 architecture can be dynamically adjusted and attributes modified such as encoding and decoding formats for the media, bandwidth required for the session, and data types (such as voice or video). The biggest disadvantage of this architecture is that it does not provide guaranteed quality of service (QoS). The H.323 stack is implemented at the application layer and it contains the following: • H.225 and H.245 for signaling control • Audio codec • H.263 and H.261 for video codec • T.120 series used for data transmission Figure 3. H.323 Stack 7 H.323 architecture has the following: • Terminals • Voice gateway • Gatekeeper (optional) • Multipoint control unit (MCU) • Border elements a) Terminals Include telephones, VoIP phones, IVR phones, voicemail phones, and soft phones. b) Voice gateways Gateways contain 2 parts: • Media gateway controller (MGU), helps to handle call signal and other non-media-related media • Media gateway (MG), which helps in handling media c) Gatekeeper (optional) Even though Gatekeeper is optional but it acts like the brain of the architecture. It provides the following features: • Call control services • Call signaling routing • It helps in monitoring the call made by the gatekeeper and helps in controlling the calls that made in network. • It also helps to make the routing decision based on various factors. • IP telephony 8 d) Multipoint control unit (MCU) Helps in managing the multipoint conference. It does it with the help of the Multipoint Controller (MC) which looks at calls signaling and can also do multipoint processing with the help of multiple processors (MP). e) Border and peer elements Peer elements does exchange-addressing information, it also participate in doing call authorization not just within but also between administrative domains. Border elements are a special type of peer element. They are between two administrative domains. Figure 4. H.323 Connection and Session Setup 9 2.1.1.2 H.225 Protocol The H.225 protocol is one of the protocols that have been specified by H.323 architecture. It contains registration, admission, and status (RAS). It is also known as the H.225 RAS protocol. Terminal and H.225 Gatekeepers Gateways RAS Figure 5. Basic architecture of H.225 Protocol Figure 6. General Protocol of H.225 Registration, Admission, and Status The purposes of this protocol are: • Admission control • Access control • Assistance in gatekeeper discovery (GRQ) • Assisting in locating and registering the endpoints The biggest disadvantage of this protocol is that the channel through which the message is passed is highly unreliable and the message exchange can sometimes lead to timeouts. 10 2.1.1.2.1 H.225 Call Signaling : H.225 call signaling is a protocol that uses established calls between two H.323 entities. It also contains information that helps in carrying additional information that can be related to specific messages. It allows a user to initiate and end a call with other users. The users use entities to exchange messages. They use a setup entity to set up a VoIP call between the users; with the help of call processing, they create the voice call between the users. After exchanging these entities, user 2 to which user 1 wants to connect gets an alert that user 1 is trying to call him, and once user 2 agrees, the protocol uses a connect entity to create a connection between the users. With the help of information entities, they are able to send voice data to each other. The users can also use entities such as status, status inquiry, progress, and notify, with the help of which they know how the call