1. Field of the Invention
The present invention relates generally to communication based on Voice over Internet Protocol (VoIP), and more particularly, to a method and apparatus for encrypting communication data with digital keys.
2. Description of the Related Art
VoIP, also known as a voice packet network, is a communication service technology that enables call processing in the general telephone network by converting voice data into Internet Protocol (IP) data packets.
Since VoIP uses an IP network, its call information can be exposed to malicious attackers. In order to solve this problem, a Public Key Infrastructure (PKI) technology is conventionally used to ensure the security of wire/wireless networks.
In the PKI technology, a sender may encrypt transmission information with a recipient's public key extracted from a recipient's electronic certificate. Upon receipt of the transmission information, a recipient may acquire contents of the information by decrypting the received information with its own private key uniquely known to the recipient.
For operation of a PKI-based security system, the system should be able to determine whether a public key, which is information available to everyone, really belongs to a user who asserts an ownership of the public key. The determination could be verified using an electronic certificate issued by a reliable third authority, i.e. a Certification Authority (CA), by attaching an electronic signature of the CA to the public key of the owner.
However, the PKI-based security system may suffer significant waste of time and costs due to generation and management of public key/private key pairs, and issuance and management of electronic certificates by the third certification authority. In addition, a user should necessarily maintain his/her own private key and public key information on a disc or in the memory of a terminal, and should also maintain other users' certificate information, which causes an increase in maintenance cost. As a result, the PKI-based security system is unsuitable for VoIP-based communication.
Therefore, there is a need for research into an encryption and authentication method suitable for VoIP-based communication.