A study on the tightening the security of the key management protocol (RFC4568) for VoIP

VoIP is more and more popular around the world. The number of residential VoIP subscribers worldwide is predicted to rise to 197.2 million in 2010, up more than 40x from 4.8 million in 2004. But VoIP security threats are both inherent in data networks and unique to VoIP such as eavesdropping, denial of service (DoS), service abuse, and so on. Especially, eavesdropping could violate user's privacy, and therefore we have to adopt VoIP security protocol to counter eavesdropping. This paper analyzes the RFC 4568 as the key management protocol for SRTP and proposes a novel scheme that tightens security of RFC 4568.