| VoIP is a rising technology with Internet commercial revolution and Network crisis development since 90 ages of the twenty century. SIP is a signal protocol of IP phone lodged by IETF. Although H.323 is still the main standard of VoIP communication network, SIP is in good favor by more and more communication owner. SIP is in IETF standardization phase now. Many problems are waiting for deeper research, and the security mechanism of SIP is one of them. The research background and trends about SIP inland and overseas, and correlated technology are introduced firstly in this thesis. Then, aiming at the comment security threats of SIP, the problem of some used in SIP traditional security protocols' leakage of identity authentication and no providing the function of key negotiation, the method of SIP's identity authentication and key negotiation is researched in this thesis. An idea of improved HTTP digest authentication is presented, and a SIP security communication system based on HTTP digest authentication is designed and implemented. The main content is as below: 1. In SIP's security measure, the method of the traditional HTTP digest authentication is improved, and the functions of bidirectional identity authentication and key negotiation are supplied. 2. The method of transport of SIP message is introduced, and the transitions with two kinds of protocols and multithreading is implemented. The implementing method of UDP and TCP transport is introduced. 3. The process of message processing is researched. The implement of accidence analysis and IDEA used in data encryption is introduced in emphases. 4. The implement of digest authentication is introduced. In this part, the content of some SIP header are extended, the digest algorithm becomes more flexible, the instance of nonce and response is explained, and SHA1... |
PDF Full Text Request