الفهرس 
IntroductionOnly 14 pages are availabe for public view
 |  | from | 135 |  |  |
| | | from | 135 | | |
Abstract
IP Telephony is transport of telephone calls over the Internet and it has been rapidly
replacing public switched telephone networks (PSTN). There are three protocols of IP.Telephony which are signaling protocol (H.323 and SIP), media transport (RTP and.RTCP) which transmits voice samples and Supporting Services (DNS, ENUM, TRIP,
RSVP and STUN) which improves performance and ease of use. The Real Time Protocol
(RTP) is used to transport voice media and it carries encoded voice message between two
callers. It must protect RTP packet from many attacks in the network.
We need to implement SRTP in minimum time by using a novel TEA algorithm which
takes minimum processing time.
We use key derivation to implement SRTP; the key derivation function is used to derive
the different keys (SRTP encryption keys and salts, SRTP authentication keys) from one
single master key in a cryptographically secure way. Thus, the key management protocol
needs to exchange only one master key, all the necessary session keys are generated by
applying the key derivation function. The master key and master salt are used by an
external key management protocol as input to PRF to derive a set of session key. The set
of session keys are session encryption and salt keys which are used to generate the
keystreams that is used for encryption/decryption SRTP packet. The session
authentication key is used to calculate and prove the MAC of the SRTP and SRTCP
packets.
The scenario of SRTP implementation consists of three steps. The first step is in the
SRTP sender. The SRTP encryption and salt keys are used for the encryption and
decryption of SRTP packet which encrypt the RTP payload to produce the encryption
portion of the packet by using a novel TEA encryption algorithm.
The second step is authentication process to authenticate encrypted SRTP packet. The
message authentication is used to calculate and prove HMAC of the SRTP packets. The
sender side computes authentication tag for authenticated portion of the packet. The
SRTP receiver side will generate HMAC and compare between authentication tags in the
SRTP sender side if two tags are equal, then message concatenation with authentication
III
tag pair is valid otherwise; it is invalid and error audit message “AUTHENTICATION
FAILURE” must be returned.
The final step is in the SRTP receiver side which decrypts the encryption portion of the
packet using novel TEA decryption algorithm.
To select the algorithm which takes minimum time, we must evaluate and compare
among six encryption algorithms to minimize the processing time and we select the
algorithm which take minimum time.
There are many examples of encryption algorithms such as AES, Blowfish, IDEA, RC5,
CAST-128 and TEA. The strength of symmetric key encryption depends on the size of
keys, number of rounds and the round function. For example, the longer key is the
hardest to break or attack. The comparison examines the processing time of the six
encryption algorithms and the Novel TEA Algorithm gives minimum processing time.
There are two encryption algorithm categories: symmetric and asymmetric key
algorithms. Symmetric key algorithm is based on a shared secret and Asymmetric key
algorithm is based on pairs of two types of keys private and public. Symmetric
encryption algorithms are divided into stream ciphers and block ciphers, stream ciphers
encrypt a single bit of plaintext at a time but block ciphers take a number of bits and
encrypt them as a single unit.
AES is the stronger algorithm but it takes more time 92.06 ms. The blowfish algorithm
has less power but more time so the blowfish has disadvantages in the decryption
algorithm in terms of time consumption and serially in the output which takes 7.359 ms.
IDEA, the length of IDEA makes it impossible to break by simply trying every key. It is
a fast algorithm, and has been done in hardware chipsets, making it even faster which
takes 8.609 ms. RC5 uses a pseudorandom initialization sequence followed by a complex
set of operations involving variable length (rotations) and mod 2 additions, so it is
difficult to say which of these approaches is superior and the security of RC5 is strong
because the key size is large which takes 7.152 ms. CAST-128 has structure of classical
feistel network which consisted of 16 rounds and 64 bit blocks of plaintext to produce 64
bit blocks of ciphertext. We implement CAST-128 encryption algorithm and implement a
novel CAST-128 decryption algorithm to get the original data. CATS-128 is very
complex and very long encryption/decryption algorithms which takes 42.057 ms.
IV
The Tiny Encryption Algorithm (TEA) was designed by David Wheeler and Roger
Needham of the Cambridge Computer Laboratory. It is a symmetric private key
encryption algorithm and TEA one of the fastest and most efficient cryptographic
algorithms in existence and TEA operates on 64 bit blocks and uses a 128 bit key. We
need to modify TEA algorithm and produce the Novel TEA Algorithm which takes 1.744
ms and used it to implement SRTP with minimum processing time. In addition to saving
bandwidth, end to end delay and powerful algorithm which gives the best meets half way
between securities.
Because there are many attacks in the network, we must protect our system from attacks.
We implement of a simulation that will examine how IP Telephony can detect attacks.