隨著網路電話(VoIP)的廣泛使用,同樣地,垃圾語音及電話詐欺或電話行銷非意願性的來話等,即所謂的垃圾語音(Spam over Internet Telephony ;SPIT) ,已逐漸開始成為當今網路電話應用中,極為嚴重的安全性議題。由於VoIP是即時性的網路服務應用,目前有關防止垃圾郵件的工具均無法直接且有效地應用於解決SPIT的問題,同時,語音廣告或詐騙電話的訊息操作手法推陳出新,讓社會大眾飽受威脅,嚴重影響社會治安及生活安寧,若單純禁止無號碼來源的作法不合實際,也無法有效抑止垃圾語音氾濫問題,只會徒增受話者的困擾,嚴重影響社會治安及生活安寧。因此,利用現有公鑰基礎建設(PKI)作為VoIP呼叫端身份認證機制,實為理想且可行的方式。 為此,本篇論文研究重點在於研究如何利用安全即時傳輸協定(SRTP)及安全會話描述協定(SDES)進行密鑰交換及協商密碼參數,如主密鑰識別(MKI)或AES加密方式,對SIP控制訊息加密及認證訊息的完整性來保護語音認證訊息不被不肖人士截取或竄改,實作一個以安全語音認證方式來確保發話方是已獲得伺服器所授權,來話方身份是可以為受話方所認可,避免發話方的來電號碼是被偽造或冒名受話方可接受的來話名單,受話方可自行建立的可靠的來話名單選擇是否接受該來電或拒接,如此,受話方可降低受到無謂的垃圾語音電話干擾的機會,進而確保未來網路電話正常營運化的全方位發展。 With the progress of the network, peoples can communicate with each other easily. The popularization of the Broadband network makes many things that could be hard to achieve becoming possible. However, the threat of SPIT is likely to increase as the more flexible SIP multimedia standard becomes more popular. Spam over IP Telephony (SPIT) is expected to become a serious problem in near future. It has the potential to become an even bigger problem than email spam, because the callee will be disturbed by each received SPIT call. This paper describes how to based on SDES to achieve SRTP master key exchange on voice authentication, integrate SRTP and SIP to SRTP_UE and then use session key derived from master key to protect real-time voice communication from eavesdropping. A new SPIT prevention method that is effective and acceptable for the call participants because it does not affect the callee at call and limits the interaction with caller to an acceptable minimum. Using SRTP with DTMF to simulate ASR (Automatic Speech Recognition), meanwhile propose a system model for VoIP ID (It’s likely Citizen Digital Certificates) on authentication servers. The general concept may be applied for different data in the meanwhile, for instance, one idea would be to ask all clients to register a unique and valid mobile phone number for each VoIP ID. As foundation for building general SPIT prevention systems with this and other innovative methods, this paper proposes reference architecture for SPIT prevention systems.
