Implementation of Encryption and Hash Function over SDP data in secured VoIP communication

Abstract

One of the most demanding aspects of the Internet now is voice communication. It can be achieved through Voice over Internet Protocol (VoIP). Although the data communication over VoIP is very reliable and secure, some of its underlying protocols are not. An example is the Session Initiation Protocol (SIP) and its underlying Session Description Protocol (SDP) which are responsible for establishing voice calls and describing the multimedia session respectively. Session Initiation Protocol (SIP) is a signaling protocol which creates a unicast and multicast session between communicating parties. This protocol does not enforce any security parameters. It uses the Session Description Protocol (SDP) to announce the session profile. The body of the SDP message is written in plaintext. Hence this exchange of information between the communicating devices is insecure and can easily be intercepted and exploited by a third party. To remedy this problem we intend in this work to create a hash of the data contained in the SDP body to ensuring data integrity. Furthermore, we intend to encrypt the information using Symmetric Key Encipherment to ensure that only the receiver can decrypt the message and implement Digital Signature to authenticate the sender.