Design and implementation of SIP security

Abstract

Session Initiation Protocol (SIP) is the Internet Engineering Task Force (IETF) standard for IP telephony. It is the most promising candidate as a signaling protocol for the future IP telephony services. Comparing with the reliability provided by the traditional telephone systems, there is an obvious need to provide a certain level of quality and security for IP telephony. The problem of security is tightly related to the signaling mechanisms and the service provisioning model. Therefore, there is a very hot topic in the SIP and IP telephony standardization for security support. In this paper, we propose a security mechanism for SIP-based voice over IP (VoIP) systems. Specifically, we focus on the design and implementation of SIP authentication for VoIP users. The performance issues for our secure SIP-based VoIP systems are also investigated. By means of a real testbed implementation, we provide an experimental performance analysis of our SIP security mechanisms, and compare the performance with the methods described in standardization. © Springer-Verlag Berlin Heidelberg 2005.