Internet Protocol (IP) communications and telephony systems have gained wide spread adoption. One of the first examples of end-to-end IP communications between two clients included Instant Messaging, but this was soon followed by Voice-over-IP and now many providers (e.g., network operators and application providers) offer end-to-end Video-over-IP. However, these trends were largely restricted to wired fixed networks, given that wireless mobile network access has been dominated by narrow-band circuit switched access networks. However, the recent deployment of broadband 4G (fourth generation) wireless networks sets the stage for all forms of multimedia over IP communications end-to-end, independent of access type.
With the transition towards end-to-end IP sessions, the market has witnessed a resurgence in interest as well as an awareness for security and privacy over these open IP networks. As a first step, end-to-end encryption and authentication are paradigms that are gaining wide attention. While contemporary Internet transactions involving commerce and Enterprise Intranet access have been secured end-to-end for over a decade now, securing conversational applications over IP have been largely left to the application provider.
With the advent of all-IP networks, such as those employing the Internet Protocol (IP) Multimedia Subsystem (IMS), it has become increasingly necessary for network operators or others who offer voice, video, and messaging services to provide end-to-end security. For example, with a Diffie-Hellman based key exchange, it is possible to create an end-to-end encrypted session between two communication end-points such that even if another party were able to obtain all the communication (bearer flows) between the two end-points, the party would still not be able to decrypt the bearer flows.
However, it is known that there is a need to be able to comply with requirements to support lawful or legal interception and discovery of security associations. For example, such legal interception and discovery of security associations may be necessary for law enforcement purposes, or simply for some non-law enforcement purpose, whereby it is necessary or desirable to be able to readily decrypt encrypted information transmitted between parties and/or devices.