An architecture for obtaining VoIP session encryption keys in a CALEA-compliant network.
A number of laws have been passed in recent decades governing the wiretapping and interception of conversations on the PSTN and, more recently, the internet. The Communications Assistance for Law Enforcement Act (CALEA), passed in 1994, requires that digitally switched telephone networks be designed and built with wiretap capabilities and that service providers assist Law Enforcement Agencies (LEAs) in obtaining the desired surveillance. The FCC has ruled that CALEA also applies to Voice over IP (VoIP) conversations. This has generated considerable contention within the internet community regarding the extent to which wiretapping should be embedded into the applicable internet protocols. A number of industry opinions have been expressed that providing wiretap capability will reduce the security of the internet and compromise the basic internet design paradigm, which places the complexity in the applications implemented by end users and keeps the routing of information between them simple. The IETF has provided general guidelines regarding architecture for the interception and availability of the information to the LEAs but has declined to produce a full-fledged standard. Internet component manufacturers have driven the effort to meet the requirements of CALEA. However, in the effort to meet the understood surveillance requirements, none of the existing architectures adequately addresses the issue of end-user encryption in both the signaling and content messages. Law enforcement agencies must rely on access to available decryption tools, which may delay the timely response to threatening situations in the current war on terror. This investigation addresses a key management system that allays the concerns about internet security and complexity.
Thesis (Ph.D.)--Wichita State University, College of Engineering, Dept. of Electrical and Computer Engineering