CrypTalk is a Java-based Voice over IP (VoIP) project that uses a layered architecture to improve audio quality across unreliable channels whilst implementing security measures. It applies packet compensation techniques, encrypts audio per packet, and authenticates packets with a Message Authentication Code (MAC) using keys securely generated and shared via Diffie-Hellman key exchange. In demos, audio remained unintelligible and all forged or tampered packets were rejected.
The design is layered: a VoIP layer handles sequencing, jitter buffering, and loss compensation; a Security layer provides encryption and MAC-based authentication; both sit above an abstracted Transport layer and an Audio layer - these are used to send packets, and play audio.
The OSI model in networking has seven layers: Physical → Data Link → Network → Transport → Session → Presentation → Application. CrypTalk relies on the lower network layers and extends the upper layers with VoIP-specific functionality. The mapping is as follows:
- Physical (1), Data Link (2), Network (3): Provided by the underlying network; CrypTalk relies on these layers.
- Transport (4): Via abstracted UDP sockets (DatagramSocket) in the application - this is the base of the project’s stack.
- Session & Presentation (5 & 6): Implemented as a Security layer (authentication, encryption) and a VoIP layer (compensation, sequencing).
- Application (7): Via an abstracted Audio layer that captures and plays audio for the user.
Network techniques such as interleaving, repetition, and jitter buffers improve perceived audio quality. Security is provided by per-packet encryption and MACs with keys established between clients through Diffie-Hellman, enabling strong authentication and authorisation.
