This paper presents a new innovative key exchange protocol for mobile VoIP devices. Further we analyze the existing key exchange protocols namely MTKEY, ZRTP and SDES and their vulnerability towards Man-In-The-Middle attack. The focused research area in VoIP is related to the Security and Quality of service of the voice data. Among these areas VoIP security and confidentiality of voice data turns to be a challenging one .As VoIP delivers the voice packet over the public internet, using the transparent IP protocol suite the confidentiality of the voice data is at risk. Moreover exchanging cryptographic keys to encrypt the media stream in the Session Initiation Protocol has proven to be quite difficult task. The existing key exchange protocols have been quite vulnerable to the Man-In-The-Middle attack. Therefore there is a need for stronger key management protocol which will secure the voice data from all types of attack and which also provides a feasible key exchange mechanism. In our approach we go for a two tier key exchange mechanism, in which the first tier involves ECDH for key seeding and the second tier involves a Key Generation Function (KGF), which takes care to the key update by consuming absolutely zero bandwidth. Here we take care to that this mechanism yields a very effective mechanism for preserving the confidentiality of the voice data without affecting the quality of the voice in Mobile Based VoIP devices.
展开▼
