Implementing a VIPSec based application for handhelds: design and optimization issues

Voice over IP technology enabled the growth of Internet telephony applications that make use of public common infrastructures to provide voice and data communications to their users. The growth of wireless Internet enables users to connect to the network from different locations using mobile Internet devices. Security is a major concern for mobile Internet telephony users, yet the lack of secure inline key exchange mechanisms is one of the major drawbacks for the use of these applications for business use. The intrinsic vulnerabilities of wireless networks make the VoWiFI case even worse while compromising security of a call is as easy as breaching human administration security of the service network. In this paper we describe the design and implementation of a secure VoIP application for handheld devices that is using the strong security mechanisms of Voice Interactive Personalized Security protocol (VIPSec). We analyze the architectural fundamentals and we present the implementation elements of the application. User sign-in and other subsidiary procedures follow the Client-Server model while the media path is direct between the users. The application is developed in Java and is suitable for mobile devices running Windows CE or Linux, essentially securing end-to-end voice, video and data communications in wireless communications.