基于SIP的VoIP安全终端设计与实现

发布时间：2018-05-09 10:18

  本文选题：会话初始协议 + 实时通信协议　； 参考：《电子科技大学》2014年硕士论文

【摘要】：随着网络技术朝着数字化、综合化、智能化的方向飞速发展,网络已经深深融入了人们的日常生活、工作中,通过IP网络提供语音、视频、传真、数据等多媒体综合业务已成为实时通信发展的趋势和目标。这种利用IP网络为人们提供语音、数据信息交换的技术,伴随着网络的进一步普及,已逐渐成为人们相互沟通、联络的重要手段之一。然而为IP终端设备提供服务的IP网络存在着各种各样的安全隐患,网络上传输的IP数据包极易为黑客所截获,从而造成关键信息的丢失或被窃听。本文的目标是设计并实现一台以系统级芯片(SoC)作为处理器的网络电话(VoIP)原理样机,基于该平台提供采用SIP协议的VoIP语音通信功能,并针对网络电话通信过程中的实时媒体数据RTP报文进行加解密处理,通过IP网络为用户提供经过了加密保护的VoIP语音通信。本文首先针对VoIP通信系统中需要应用到的相关技术(如语音编解码、呼叫控制协议及加解密技术等)进行了分析和研究。对当前主流的几种呼叫控制协议和加解密算法进行分析与比较,确定采用会话初始协议(SIP)作为安全终端的基本信令协议,以高级加密标准(AES)作为实时通信协议(RTP)媒体报文的加密算法,再针对SIP协议和AES算法的基本流程、认证机制和编码规则进行研究。以此为基础采用标准的SoC芯片为核心设计并实现安全VoIP语音通信终端。设计实现的工作分为软、硬件两部分:软件方面主要包括SIP协议栈的移植,驱动开发,身份认证机制的设计和调试;硬件方面则是对主要芯片的选型,原理框图的设计,外围电路的搭建以及AES算法的FPGA实现。本文详细介绍了硬件电路和软件代码的设计、调试过程,并从通话效果、线路抓包等方式针对最终实现的基于SIP协议的VoIP安全终端进行了测试。最后通过在内部的测试网络中搭建一套开源SIP服务器,将基于SIP的安全终端接入测试网络中,对安全终端的VoIP语音通信功能进行测试,并通过网络抓包方式对VoIP通信的安全性进行了验证。
[Abstract]:With the rapid development of network technology in the direction of digitalization, integration and intelligence, the network has been deeply integrated into people's daily life and work, providing voice, video, fax through IP network. Multimedia integrated services such as data has become the trend and goal of real-time communication. With the further popularization of the network, the technology of using IP network to provide people with voice and data information exchange has gradually become one of the important means for people to communicate and communicate with each other. However, there are various security risks in IP networks serving IP terminal devices. The IP packets transmitted on the network are easily intercepted by hackers, resulting in the loss of critical information or eavesdropping. The goal of this paper is to design and implement a prototype of VoIP based on system level chip (SoC), and provide VoIP voice communication function based on SIP protocol. The encryption and decryption of real-time media data RTP message in the process of network telephone communication is carried out, and the VoIP voice communication is provided through IP network. This paper firstly analyzes and studies the relevant technologies (such as speech coding and decoding, call control protocol and encryption and decryption) that need to be applied in VoIP communication system. This paper analyzes and compares several popular call control protocols and encryption and decryption algorithms, and determines that the session initiation protocol (SIP) is adopted as the basic signaling protocol for secure terminals. The advanced encryption standard (AES) is used as the encryption algorithm of real-time communication protocols (RTPs). The basic flow, authentication mechanism and coding rules of SIP protocol and AES algorithm are studied. On this basis, the standard SoC chip is used as the core to design and implement the secure VoIP voice communication terminal. The work of design and implementation is divided into two parts: the software mainly includes the transplantation of SIP protocol stack, the development of driver, the design and debugging of identity authentication mechanism, the selection of main chips and the design of schematic block diagram in hardware. The construction of peripheral circuit and the FPGA implementation of AES algorithm. This paper introduces the design and debugging process of hardware circuit and software code in detail, and tests the VoIP security terminal based on SIP protocol from the aspects of call effect, line capture packet and so on. Finally, by building an open source SIP server in the internal test network, the secure terminal based on SIP is connected to the test network to test the VoIP voice communication function of the security terminal. The security of VoIP communication is verified by network packet capture.
【学位授予单位】：电子科技大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TN915.08

【参考文献】

中国期刊全文数据库 前2条

1 卢华;王保保;;oSIP协议栈的研究及应用[J];电子科技;2006年02期

2 陈红宇;分组语音技术[J];无线电通信技术;2002年03期

中国硕士学位论文全文数据库 前1条

1 徐瑞华;基于SIP协议的VoIP终端平台的设计与实现[D];西安科技大学;2007年

，

本文编号：1865646