Overview of the solution
The solution consists of the following components:
1. A SIP server to handle the voice over IP sessions according to the SIP standard. The Server installation includes the SIP (OpenSIPS) with TURN / ICE support for NAT traversal and media server. All server functionality is based on open source and transparent basis and the ability to adapt when necessary. The corresponding setup is used in commercial operation for about 5 years. The client is created with a unique domain for the client sip:secumobi.com and corresponding domain used in servers that handle SIP and VoIP traffic. Customer will provide domain name to easily move to the permanent operating environment at a later stage.
2. The client installation includes :
- SIP and mobile clients software running on Android
- Hardware module running a mobile security java applet (the hardware module is a special SD card including a crypto processor chip)
Existing solution uses a hardware-based security module that implements cryptographic functions based on ECC 192 or 384 bit and AES 256 bit with lightweight authenticated Diffie-Hellman key negotiation.
Secure VoIP SECUMOBI clients allow the user to self-administrate their phonebook for secure connections. This is done through a user can send an invite to another user thereby exchanging certificates used in future calls. Calls can’t be made if the users are not exchanging keys. The key exchange also has a signature should be verified by both parties to accept the obtained certificate.
Authentication & session key
ECC 384 bit Diffie-Hellman key exchange and Authentication
After the reception of the SIP Invite, the called party establishes an RTP/RTCP channel and request authenticated Diffie-Hellman parameters from security module. The module calculates D-H parameter and authentication based on stored private ECC key (Elliptic Curve Cryptography) and sends D-H + authentication over RTCP.
On the other side the application receives called party D-H parameter & authentication and requests security module to authenticate called party & apply D-H parameters.
The security module calculates unique session key from D-H key negotiation. This session key is the same on both caller and called party module, both parties are authenticated and the key is unique for every session (perfect forward secrecy) Authentication is done by applying the private key from caller and then using the public key (stored in secure phone book after a validated exchange of credential) of the other party security module.
AES256 media stream encryption after Key exchange
Implementation uses patented technology to be able to encrypt media without exposing session keys outside the security module
The Application at the caller side initiate SRTP stream and sends media stream (from CODEC) to security module (Micro SD). The module encrypts & decrypts media. The application sends encrypted media packets over SRTP to called party.
The application sends decrypted media from called party to loudspeaker Encryption uses AES 256 in counter mode.
CODEC uses fixed bit rate (4.75 kbit/s)
The communication can be started after the key exchange. SECUMOBI uses AES256 for encrypting voice streams and text messages. This standard is recommended by the NSA (National Security Agency) for handling “top secret” information