ECE 646 – Project Specification Inja Youn October 3, 2004 Secure Teleconferences over Public Switched Telephone Networks Purpose The goal of this project is to implement and analyze an algorithm for conducting a secure teleconference over Public Switched Telephone Network (PSTN). The primary reference is “Secure Bridges: A Means to Conduct Secure Teleconferences over Public Telephones” ([1]). This paper provides architecture and algorithms for eavesdropping resistant teleconferencing, as a service over the existing network, with minimum additions and modifications of existing infrastructure. This paper uses PKI and group shared keys to archive authentication and privacy. The content of this project will focus on: • Analyze of the protocol and its resistance to different attacks. • Simplify the protocol without weakening its security. • Create and compare variations of the protocol (using PKI and/or symmetric key cryptography). This simulation within the proposed assumptions will address the following issues: • Simulate the delay induced by different basic conference operations (call setup, add/drop a subscriber and call teardown) using OPNET software. • Simulate the same delays for the proposed protocol (secure conference). • Make a comparative study of the feasibility and reliability of a secure conference over Public Switched Telephone Network. • The ultimate goal is to prove that secure multiparty services can be implemented over Public Switched Telephone Network, without significant degradation of the quality of service.Software The software used in my simulation is the circuit-switched module of the OPNET software. OPNET requires either a Windows platform with a Visual C++.NET platform or a Solaris platform with a Gnu C++ compiler. I will use the Windows/Visual C++.NET platform to develop my simulation. Additionally, some PKI software may be required (modular arithmetic, RSA encryption/decryption, symmetric key encryption/decryption). Tentative list of questions to be answered • Is this protocol secure? • What are the potential security flaws of the algorithm and how they can be addressed? • How can the protocol be simplified without weakening its security. • Is this protocol reliable? • What are the basic conference simulated delays? o Call processing delay o Network delay o Call setup time o Conferee add time o Conferee drop time o Call teardown time • Same question for the secure conference delays. • How the basic/secure teleconferences behave under different network load? Tentative table of contents: 1. Introduction a. Multiparty communication services over PSTN b. Security flaws of the existing teleconference call c. Brief description of the proposed architecture i. Secure call setup ii. Secure user adding iii. Secure user droppingiv. Secure call teardown 2. Analysis of the proposed protocols a. Analysis of the security of call setup b. Analysis of the security of user adding c. Analysis of the security of user dropping d. Analysis of call teardown e. Analysis of the overhead required f. Simplifications and variations of the protocol 3. Quality of service analysis a. Call processing delay b. Network delay c. Switch response time d. End-to-end signaling delay e. Encryption/Authentication delay f. Call setup time g. Conferee add time h. Conferee drop time i. Call teardown time j. Basic teleconference vs. secure teleconference k. Normal network load vs. high network load l. Comparison of the delay in local/national/international networks 4. Conclusions 5. References Time schedule • September 29-30, 2004: Discussion of the project specification with the instructor. • October 3, 2004: Final project specification submitted by email. • October 13, 2004: First progress report. Analysis of the protocol and report on the OPNET implementation. • November 3, 2004: Second progress report. Simplifications and variations of the protocol. Implementation and analysis of a basic teleconference using OPNET.• November 17, 2004: Third progress report. Analysis of the QoS of the basic teleconference. • December 1, 2004: Final progress report. OPNET implementation and analysis of a secure conference call. Draft of the viewgraph presentation. • December 11, 2004: Final project report by email. • December 13, 2004: Reviews of the project report. • December 15, 2004: Final presentation. List of the possible areas where the specification can change Depending on the progress of the OPNET implementation, I may implement less than four algorithms (Call Setup, adding an user, dropping an user, call teardown). Also, some of the topics may be treated only superficially (upon agreement with the instructor). References: [1] Youn I, Wijesekera D. Secure Bridges: A Means to Conduct Secure Teleconferences over Public Telephones. Proceedings of IFIP WG 11.3 Working Conference on Data and Application Security pages 205-218, Sitges, Spain, 2004. [2] Katzela I. OPNET. Computer Networks. Computer Simulation. Prentice Hall, 1999. [3] AT&T Webpage, www.att.com/technology/technologists/fellows/lawser.html [4] J. G. von Bosse. Signaling in Telecommunication Networks. John Wiley & Sons, New York, 1998. [5] CPKtec Research Labs web page, http://www.cpktec.com/performance.html. [6] Specifications of Signaling System No. 7--Message Transfer Part Signaling Performance. ITU-T Recommendation Q.706, March 1993. [7] Specifications of Signaling System No. 7--Signaling performance in the Telephone Application. ITU-T Recommendation Q.706, March 1993. [8] Stage 3 description for multiparty supplementary services using DSS 1. ITU-T Recommendation, Q.954, 1993. [9] Stage 3 description for multiparty supplementary Specifications of signaling system no. 7. ITU-T Recommendation Q.734, 1993. [10] Stage 2 description for multiparty supplementary services. ITU-T Recommendation Q.84, 1993.[11] Specifications of Signaling System No.7--Hypothetical Signaling Reference Connection. ITU-T Recommendation Q.709, March 1993. [12] G. Lorenz, T. Moore, J. Hale, and S. Shenoi. Securing SS7 Telecommunications Networks. In Proceedings of the 2001 IEEE Workshop on Information Assurance and Security, June 2001. [13] T. Russell. Signaling system #7. McGraw-Hill, New York, 2002. [14] R. Sailer. Security in an Open Service Environment. In Proceedings of the Fourteenth Annual Computer Security Applications Conference,
View Full Document
Unlocking...