- 學位論文
SIP與三向金鑰交換協議協定在多方通訊之效能分析
Performance Analysis of SIP+TW-KEAP in Multiparty Key Exchange and Agreement
摘要
隨著網路快速的發展,IP網路的攻擊也越來越多,如何維持一個安全的通訊環境也就成為重要的議題。金鑰交換協議是個利用私密會話金鑰達到兩端點的通訊安全的加密機制,本篇論文特別針對兩個客戶端分別註冊在不同的伺服器上,以3-Party與5-Party的金鑰交換協議做討論。為了支援合法監聽,代理伺服器也參與金鑰交換取得共享的會話金鑰,設計整個流程能夠符合三方交握(three-way handshake),以便SIP會話流程的建立。本篇論文將SIP與三向金鑰交換協議協定(TW-KEAP)調整應用在3-Party和5-Party的金鑰交換協議,稱為3-Party SIP+TW-KEAP和5-Party SIP+TW-KEAP。根據SIP環境中多個代理伺服器的特性,實驗不同數量代理伺服器所造成的服務延遲,從3-Party到5-Party的實驗結果推算出N-Party的queuing delay。透過實驗數據做queuing delay效能分析比較,從結果觀察出SIP+TW-KEAP有較佳的效率。
並列摘要
With the rapid growth of the network. More and more IP-based network attacks have to be faced. How to maintain a secure communication environment has become an important issue, and the key exchange protocol is the most important cryptography mechanism to protect end-to-end communications by the secret session key encryption. This paper focuses on the 3-party and 5-party key exchange protocol in an environment in which two clients (or UEs) are registered under different servers. In order to support lawful interception, the proxy servers are also involved in the key exchange to obtain the shared session key. Designing the overall process can meet the three-way handshake in SIP session establishment. This paper extends three-way key exchange and agreement protocol (TW-KEAP) for SIP to 3-Party and 5-Party key exchange protocol, denoted by 3-Party SIP+TW-KEAP and 5-Party SIP+TW-KEAP. According to the characteristic of multiple proxy servers in SIP environment, experimenting with different number of the proxy server to compare service delays. From 3-Party to 5-Party experimental results, we could derive queuing delay of N-Party. Based on the performance analysis of queuing delay and comparison of experimental results, SIP+TW-KEAP has better efficiency.