利用資料分享方法以增進網路電話之安全性

Abstract

近年來，由於網路傳輸的速率加快，許多需要即時(Real-Time)傳輸的應用程式開始盛行，最明顯的是網路電話(Voice over IP，VoIP)的崛起。VoIP運用網路傳輸的優點，大幅降低了成本，所以頗受供應商以及用戶的好評。但是原本IP網路傳輸的本質為“盡最大努力傳送”(Best effort)，對於傳輸的品質是很大的挑戰，而且近年來越來越多的網路攻擊行為，如：阻斷攻擊(Deny of Service)、中間攻擊者程式(Man-In-Middle attack)、竊聽程式(Wiretap)…等，傳輸的安全性也因此受到很大的考驗。 傳統用來保護傳輸安全的方法，例如加解密，需要花費較多的時間在對明文加、解密上，並且對於用來加密的金鑰(Key)需要額外的保護，不適合用於時間敏感度高(Time sensitive)的應用上。本篇論文將視覺加密法(Visual cryptography)和資料分享(Data sharing)的概念運用於VoIP傳輸上，希望藉此達到防止他人中途竊聽。在不影響聲音品質下減少延遲時間，並且去除掉傳統加解密方法中，金鑰建立與傳送的手續。加上運用互斥多路徑路由(Disjoint multi-path routing)於分享資料(Share data)上的傳送，提高網路使用效能，以減少網路擁塞的發生，間接減少傳輸延遲，以利於即時應用(Real-time application)的傳遞。

In recent years, because the speed of network transmission increases, a lot of time-sensitive applications begin to prevail. The most obvious example is the network telephone (Voice over IP). The advantages of voice over IP network are lower cost and flexible. The IP network transmits packet using the “best effort” method, so the quality of VoIP should be taken in consideration by the supplier. More and more network attacks are discovered in recent years, like Deny of Service (DoS), Man-In-Middle attack, and the eavesdropping program (Wiretap).In this thesis, we will focus on the security of voice data in public IP network. Traditional methods used for secure transmission, such as encryption, spend too much time in data encryption and decryption. Those encryption methods also spend much time in key establishment, key exchange and protection. When using visual cryptography and data sharing methods, we can reduce the influence of those problems that mentioned above. Therefore we use this concept in voice data transmission over Internet to prevent from the wiretap attack, and to transit the voice data through the network more efficiently. In addition, we utilize the disjoint multipath routing algorithm to send data, so we can reduce the occurrence of network hot-spot.