Introduction

There are two competing breeds of VoIP signaling protocols, H.323 from the ITU and SIP from the IETF Accordingly there are also two groups of VoIP security protocols accompanying each of them. One for H.323 is a group of protocols named H.235.x, and the other for SIP includes TLS, S/MIME, and SRTP. They are not completely exclusive to each other. Some components are overlapped, such as X.509 digital certificate, TLS secured transport, and SRTP encryption. In this chapter, we will put our main focus on protocol suites for SIP from the IETF, and then a brief introduction to ITU suites (H.235 group); pointers to individual components are presented for the investigative reader.

Suites from the IETF

Realizing the security issues present in VoIP, the IETF picked up three landmark security protocols in the SIP standard Transport Layer Security (TLS), Secure/Multipurpose Internet Mail Extensions (S/MIME), and Secure Real-Time Transfer Protocol (SRTP) to be used for securing SIP service. The basic approach consisted of adding a security layer below the existing VoIP protocol rather than crafting a new security protocol. The layered architecture is shown in Figure 9.1. The advantage of this approach is that existing protocol implementation can be reused for secured communication by adding security layers.

Figure 9.1: Layered Architecture of VoIP Security Protocol

In general, TLS, which was chosen to protect SIP signaling messages, provides an upper layer secured tunnel to its peer entity. It is basically a successor of Secure Sockets Layer (SSL) version 3. The Service Data Unit...