Based On Strong Authentication Technology Voip System

With the development of next generation network and soft-switch technology, the VoIP technology which transports voice over IP network has a brilliant prospect. However, the security problems become the biggest obstacle that the development of VoIP technology has to face, which seriously limit the extensive application of VoIP technology.Firstly, this paper researches the foundation of VoIP technology, including fundamental principle, system architecture and protocol layers. After summing up and analyzing the representative security threats of VoIP, this paper presents that the representative security threats of VoIP are caused by the openness of IP network and the weakness of VoIP authentication mechanism. Then, this paper discusses the existing security authentication technology of VoIP.After analyzing the characteristics of remote strong authentication and the limitation of pure authentication, this paper presents to achieve remote strong authentication with PKI technology. Then, this paper researches the principle and the realization mechanism of identity authentication, message authentication and digital signature, which provides the theoretical basis for solving VoIP authentication problems.Based on the theoretical research above, this paper presents the VoIP system based on strong authentication technology, which applies remote strong authentication technology to VoIP system in order to enhance the security intensity of its authentication mechanism. The system adds a new functional entity--Certificate Authority, which manages user's public key with digital certificate and makes smart card as the secure storage carrier of digital certificate. Then, SIP is extended, which adds necessary message type and message header field in order to realize strong authentication. Simultaneously, this paper abstracts the operation process of SIP and sets up SIP protocol operation model, which adopts the identity authentication mechanism based on challenge/response and digital signature technology to ensure the authenticity of VoIP entity, the integrity and non-repudiation of SIP message. Furthermore, this paper analyzes the issue of system security. Finally, this paper designs a VoIP system based on strong authentication technology and achieves some module's function.