pki authentication of voip subscribers in the telecommunicating networks
Skip this Video
Download Presentation
PKI Authentication of VoIP Subscribers in the Telecommunicating Networks

Loading in 2 Seconds...

play fullscreen
1 / 14

PKI Authentication of VoIP Subscribers in the Telecommunicating Networks - PowerPoint PPT Presentation

  • Uploaded on

PKI Authentication of VoIP Subscribers in the Telecommunicating Networks . Shaul Mansour Eldar Zilberman Gilad Keinan Ohad Behore. Yuri Granovsky Yuval Elovici. Background.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'PKI Authentication of VoIP Subscribers in the Telecommunicating Networks' - luka

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
pki authentication of voip subscribers in the telecommunicating networks

PKIAuthentication of VoIP Subscribers in the Telecommunicating Networks








Today we are witnessing a great change in telecommunication technology when more and more phone companies are changing their technology and choosing to use VoIP as the new standard for Telecommunication.

This change is the cause for major security

problems which must be taken into consideration.

project goal
Project Goal

The goal of our project is to solve one of those security problems, supplying a way for VoIP users to authenticate each other and make authenticated calls.

Our solution is based on public key infrastructure and will use public key certificates issued by a central certificate authority (CA).

proposed solution
Proposed Solution

Every VoIP client will be based on a different remote computer and will be able of making calls to all known clients (omitting the need for SIP server).

The receiving side will decide whether a certain call will be authenticated or not, for authenticated calls certificates will be swapped and challenges will be sent to authenticate certificate holder's identity.

At the first authenticated call, the client will communicate the CA, sending a certificate signing request (CSR) and receiving a signed certificate to present to other clients.

system architecture
System Architecture

VoIP Client

CA Server

SIP Agent







Authentication module

CA Tools



system components
System Components

The Certificate Authority will consist of:

CA tools – Certification creation and management.

CRL - Holding a list of revoked certificates, and will respond to queries.

Communication service – Service for client connections.

Storage module – Will save all issued certificates and client information.

The VoIP Client will consist of:

SIP agent - In charge of actual communication.

Authentication module – Exchanging certificates with other clients.

Enabler – Creation and management of public key certificates.

Storage module – Local database for each client.

non func requirements
Non-Func. Requirements

Processing a certificate signing request with the CA server should take less than 5 seconds.

Exchanging certificates with another client and waiting for certificate authentication from the CA server should not take more than 2 second.

The CA Server should handle as many as 150 requests simultaneously.

In 100% of cases, when a client with a false certificate or revoked one is authenticated with another client, the call attempt fails.

The VoIP agent and the CA Server will be developed for Linux platform, communication will be developed in C++ and module logics in Java.

The client should be apparent when the agent is running and when there are errors but not overwhelm the user with redundant messages.

detailed use case id7
Detailed Use Case – ID7

Primary actors: The user

Description: The user initiates a call to another user on the network.

Trigger: The user enters a number to dial, and presses "send" button.

Pre-conditions: The VoIP client is installed on the device and is currently running.

Post-conditions: The user is communicating with another user