Implementing a VIPSec based application for handhelds: design and optimization issues
Article No.: 55, Pages 1 - 6
Abstract
Voice over IP technology enabled the growth of Internet telephony applications that make use of public common infrastructures to provide voice and data communications to their users. The growth of wireless Internet enables users to connect to the network from different locations using mobile Internet devices. Security is a major concern for mobile Internet telephony users, yet the lack of secure inline key exchange mechanisms is one of the major drawbacks for the use of these applications for business use. The intrinsic vulnerabilities of wireless networks make the VoWiFI case even worse while compromising security of a call is as easy as breaching human administration security of the service network. In this paper we describe the design and implementation of a secure VoIP application for handheld devices that is using the strong security mechanisms of Voice Interactive Personalized Security protocol (VIPSec). We analyze the architectural fundamentals and we present the implementation elements of the application. User sign-in and other subsidiary procedures follow the Client-Server model while the media path is direct between the users. The application is developed in Java and is suitable for mobile devices running Windows CE or Linux, essentially securing end-to-end voice, video and data communications in wireless communications.
References
[1]
http://www.skype.com
[2]
http://www.voipbuster.com
[3]
http://www.msn.com
[4]
Kopsidas Spyros, Zisiadis Dimitris and Tassiulas Leandros, "Voice interactive personalized security (VoIPSec) protocol: fortify internet telephony by providing end-to-end security through inbound key exchange and biometric verification", Hot Topics in Web Systems and Technologies, 2006. HOTWEB '06. 1st IEEE Workshop on, Vol., Iss., Nov.2006, pp. 1--10
[5]
Phil Zimmerman, "ZRTP: Extensions to RTP for Diffie-Hellman Key Agreement for SRTP", Internet Draft
[6]
http://zfoneproject.com
[7]
http://en.wikipedia.org/wiki/Evil_twin_(wireless_networks)
[8]
Savola R., Lehtonen S. and Röning, J., "Information Security Threats in Popular and Emerging Wireless Technologies", Proceedings of the 6th Annual Security Conference. Las Vegas, NV, USA, 11--12 April 2007. The Information Institute. Washington, DC, USA (2007), 25-1--25-11
[9]
Feng Cao and Malik S., "Security analysis and solutions for deploying IP telephony in the critical infrastructure", Security and Privacy for Emerging Areas in Communication Networks, 2005. Workshop of the 1st International Conference on, Vol., Iss., 5--9 Sept. 2005 pp. 171--180
[10]
G. Me and D. Verdone, "An overview of some techniques to exploit VoIP over WLAN", Digital Telecommunications, 2006. ICDT '06. International Conference on, Vol., Iss., 2006 p. 67
[11]
Phil Zimmerman, Jon Callas, "ZRTP and ZFone", NOMS 2006, 3rd April 2006.
[12]
Michael T. Goodrich, Michael Sirivianos, John Solis, Gene Tsudik and Ersin Uzun, "Loud and clear: human verifiable authentication based on audio", Distributed Computing Systems, 2006. ICDCS 2006. 26th IEEE International Conference on, Vol., Iss., 2006 p. 10
[13]
Cagalj M., Capkun S. and Hubaux J.-P., "Key agreement in peer-to-peer wireless networks", Proceedings of the IEEE, Vol. 94, Iss. 2, Feb. 2006 pp. 467--478
[14]
http://vipsec.inf.uth.gr/PresentApplet1.html
[15]
http://vipsec.inf.uth.gr/PresentApplet2.html
[16]
http://en.wikipedia.org/wiki/Diffie-Hellman
[17]
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
[18]
King Tom, "Packet Sniffing In a Switched Environment", SANS Institute, July 2006, http://www.sans.org/reading_room/whitepapers/networkdevs/244.php
[19]
Deckerd Gary, "Wireless attacks from an intrusion detection perspective", SANS Institute, November 2006, http://www.sans.org/reading_room/whitepapers/honors/1681.php
[20]
Philippe Biondi, Fabrice Desclaux, "Silver needle in the Skype", BlackHat Europe, March 2nd and 3rd 2006.
[21]
http://www.speex.org
[22]
http://en.wikipedia.org/wiki/Java_(programming_language)
[23]
http://java.sun.com/products/java-media/jmf/
[24]
http://en.wikipedia.org/wiki/Data_Encryption_Standard
Index Terms
- Implementing a VIPSec based application for handhelds: design and optimization issues
Index terms have been assigned to the content through auto-classification.
Recommendations
Design and Implementation of a VIPSec Based Application
MOBIQUITOUS '07: Proceedings of the 2007 Fourth Annual International Conference on Mobile and Ubiquitous Systems: Networking&Services (MobiQuitous)Voice over IP (VoIP) is one of the most emerging technologies, while a respectable number of corresponding applications are being implemented or updated in daily basis. Although communications security is a constant challenge, most VoIP applications ...
Theft Preventive Measures for Interconnected Personal Computer Devices as Proactive Physical Security of Data
This article is concerned with the arising problems and implications of physical security and privacy of personal and control data on portable computer devices, especially smartphones. The authors consider various classifications of portable computer ...
Did You Want Privacy With That?: Personal Data Protection in Mobile Devices
Smartphones and mobile devices make desktops and laptops seem clunky in comparison, but do they protect privacy? Here, the author examines the mechanisms for mobile device privacy, from operating system approaches to what users should know about risks.
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
Sponsors
Publisher
ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering)
Brussels, Belgium
Publication History
Published: 27 August 2007
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
MobiMedia07
Sponsor:
MobiMedia07: Third International Mobile Multimedia Communications Conference
August 27 - 29, 2007
Nafpaktos, Greece
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 202Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 11 Jan 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in