一种基于Kademlia的网络语音安全多路通信方法

基于互联网络的开放性特点，端到端的网络语音难以避免遭到监听、拒绝服务和流分析等攻击，极大危害到网络语音的安全。文章为应对这些安全问题而提出了一种基于异或运算KademliaP2P协议的网络语音安全多路通信机制。语音数据在发送端就开始进行分流处理，每个加密的语音包拆分成多个密文碎片，同时通过多条独立的路径发送至对端。转发节点选取Kademlia协议中的超级节点，并从生成的多条路径中基于最优算法选取性能最优、一致性最好的组合用于语音传输。通话两端的呼叫及密钥协商过程均基于多路径实现。实验和分析表明，文章提出的方法在保证语音服务质量不下降的基础上，能有效抵抗中间链路监听，拒绝服务攻击及密钥破解等安全问题。

A Secure Multilink Network Voice Communication Scheme based on Kademlia

Based on the open characteristics of the Internet, it is difficult for end-to-end network voice communication to avoid attacks such as eavesdropping, denial of service, flowing analysis, etc, which bring great threats to the security of network voice system. In order to solve these security problems, a secure multilink network voice communication scheme based on Kademlia P2P protocol with XOR algorithm is proposed in this paper. Firstly, the voice streams are divided and separately processed at the transmitting point. Then each encrypted voice packet is split into multiple ciphered segments and sent to the received terminal through multiple independent routed paths. Super nodes in Kademlia protocol are selected as the forwarding nodes, but the real nodes generated the forwarding multipath are selected based on the optimal algorithm and the combination with optimal performance and best consistency. Calls processing and key negotiation processes are also implemented based on multipath scheme. From results of experiment and analysis, we conclude that the proposed secure multilink scheme can effectively solve the security problems such as eavesdropping, denial of service attacks and key crack, etc. while the quality of service of communicated network voice is not lowered.