Secure Internet Telephone for Android

Abstract

The name of our project is Secure Internet Telephone for Android. In this project we will develop a VoIP Android client based on SIP protocol. The project is funded and is to be deployed at NESCOM and will not be available for download at the Play Store or similar services. We will use an open-source Asterisk server as a PBX since it was required by NESCOM. This is a security Centered project where security is our number one concern even if performance is compromised. Compared to existing VoIP systems we have to provide user Authentication in our system we do this by using a speaker recognition Library and provide confidentiality via end to end encryption. We are required by NESCOM to provide authentication without using a PKI and use PGP instead so a simple solution was using ZRTP which checks this Criteria. An implementation of ZRTP is zfone and some of its parts are not available under an open source license but it also cannot provide any help against an imposter who has access to the device and we would try to solve that by speaker recognition and local user authentication via password as of now there are no existing open source systems that use speaker recognition for authentication. This project is challenging because there is not much help online and the open source libraries have very little documentation. we often have to improvise and certain stages of this project. We will be using several open source stacks and libraries and work over them to create a VoIP client. Our System also provides chat message or IM service via using a Simple Chat Library that takes text from the text box and sent it to the library core which than sends it to appropriate contact. We also maintain contacts using a SQLite Database and populate the interface accordingly. NESCOM can deploy the asterisk server on their own domain and their system and network administrator can manage the database and user agents. The system will always require internet access to work. The security features used in this project such as speaker recognition can be further utilized in future android apps. We were not able to run the ALIZE speaker recognition library due to which the user authentication portion of the project could not be completed.