基于IMS的VoIP高速媒体流安全网关设计与实现

发布时间：2018-04-25 12:29

  本文选题：VoIP + RTP　； 参考：《电子科技大学》2014年硕士论文

【摘要】：随着网络技术朝着数字化、综合化、智能化的方向飞速发展,网络已经深深融入了人们的日常生活、工作中,通过IP网络提供语音、视频、传真、数据等多媒体综合业务已成为实时通信发展的趋势和目标。这种利用IP网络为人们提供实时信息交互的技术,随着网络应用的进一步普及,已成为人们相互联络的重要手段。然而为IP终端设备提供服务的IP网络存在着各种各样的安全隐患,网络上传输的IP数据包极易为黑客所截获,从而造成关键信息的丢失或被窃听。本文的目标是设计并实现一种高速VoIP安全网关,该安全网关和项目团队同步研制的安全终端以及管理设备共同组成一个VoIP加密系统。安全网关对RTP(Real-Time transport protocol,实时传输协议)报文进行加解密处理,从而为用户提供安全的VoIP语音通信。本文首先对VoIP通信系统以及该系统应用到的相关协议进行了阐述和分析,对当前主流的几种呼叫控制协议和加解密算法进行分析与比较,确定采用以AES(高级加密标准)作为RTP媒体报文的加密算法,设计并实现了VoIP安全网关。主要的工作分为软、硬件两部分:软件方面主要包括驱动开发,数据封装协议和密钥分发协议的设计和调试;硬件方面则是对主要芯片的选型,原理框图的设计,外围电路的搭建以及AES算法的FPGA实现。本文详细介绍了硬件电路和关键模块的Verilog代码,软件部分的具体实现不属于本论文的研究内容,未做详细说明。最后,通过在内部测试网络中搭建一套开源SIP服务器,笔者测试了本论文设计的安全网关对VoIP语音业务的加密功能和加密性能,另外,通过抓包的方式对VoIP通信的安全性进行了验证。
[Abstract]:With the rapid development of network technology in the direction of digitalization, integration and intelligence, the network has been deeply integrated into people's daily life and work, providing voice, video, fax through IP network. Multimedia integrated services such as data has become the trend and goal of real-time communication. With the popularization of network application, the technology of using IP network to provide real-time information interaction has become an important means for people to communicate with each other. However, there are various security risks in IP networks serving IP terminal devices. The IP packets transmitted on the network are easily intercepted by hackers, resulting in the loss of critical information or eavesdropping. The goal of this paper is to design and implement a high speed VoIP security gateway. The security gateway, the security terminal and the management equipment developed by the project team synchronously constitute a VoIP encryption system. The security gateway encrypts and decrypts the RTP(Real-Time transport protocol (real-time transmission protocol) packets to provide the users with secure VoIP voice communication. In this paper, firstly, the VoIP communication system and the related protocols used in the system are described and analyzed, and several popular call control protocols and encryption and decryption algorithms are analyzed and compared. AES (Advanced encryption Standard) is adopted as the encryption algorithm of RTP media message. The VoIP security gateway is designed and implemented. The main work is divided into software and hardware: software mainly includes driver development, data encapsulation protocol and key distribution protocol design and debugging, hardware is the selection of the main chip, schematic design, The construction of peripheral circuit and the FPGA implementation of AES algorithm. This paper introduces the hardware circuit and the Verilog code of the key module in detail. The realization of the software part does not belong to the research content of this paper, and has not been explained in detail. Finally, by building an open source SIP server in the internal test network, the author tests the encryption function and performance of the security gateway designed in this paper for VoIP voice services. The security of VoIP communication is verified by packet capture.
【学位授予单位】：电子科技大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TN915.05
，

本文编号：1801327