Browse > Article
http://dx.doi.org/10.13089/JKIISC.2009.19.3.73

Efficient and Secure User Authentication and Key Agreement In SIP Networks  

Choi, Jae-Duck (School of Electronic Engineering, Soongsil University)
Jung, Sou-Hwan (School of Electronic Engineering, Soongsil University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.19, no.3, 2009 , pp. 73-82 More about this Journal
Abstract
This paper proposes an efficient and secure user authentication and key agreement scheme instead of the HTTP digest and TLS between the SIP UA and server. Although a number of security schemes for authentication and key exchange in SIP network are proposed, they still suffer from heavy computation overhead on the UA's side. The proposed scheme uses the HTIP Digest authentication and employs the Diffie-Hellman algorithm to protect user password against dictionary attacks. For a resource-constrained SIP UA, the proposed scheme delegates cryptographically computational operations like an exponentiation operation to the SIP server so that it is more efficient than the existing schemes in terms of energy consumption on the UA. Furthermore, it allows the proposed scheme to be easily applied to the deployed SIP networks since it does not require major modification to the signaling path associated with current SIP standard.
Keywords
Authentication; Key Agreement; SIP; Diffie-Hellman;
Citations & Related Records
연도 인용수 순위
  • Reference
1 J. Roesnberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Sparks, M. Handley, and E. Schooler, "SIP: Session Initiation Protocol," RFC 3261. June 2002
2 L. Wu, Y. Zhang, and F. Wang, "A new provably secure authentication and key agreement protocol for SIP using ECC," Computer Standards &. Interfaces, vol. 31, no. 2, pp. 286-291, Feb. 2009   DOI   ScienceOn
3 C. Yang, R. Wang, and W. Liu, "Secure authentication scheme for session initiation protocol," Computers & Security, vol 24, no. 5, pp. 381-386, Aug. 2005   DOI   ScienceOn
4 C. Yeun, K. Han, and K. Kim, "New novel approaches for securing VoIP applications," Proceeding of the Sixth International Workshop for Applied PKC, Dec. 2007
5 D. Geneiatakis, G. Kambourakis, C. Lambrinoudakis, T. Dagiuklas, and S. Gritzalis, "A framework for protecting a SIP-based infrastructure against malformed message attacks," Computer Net works, vol. 51, no. 10, pp. 2580-2593, July 2007   DOI   ScienceOn
6 F. Wang and Y. Zhang, "A new provably secure authentication and key agreement mechanism for SIP using certificateless public-key cryptography," Computer Communications, vol. 31, no. 10, pp. 2142-2149 , June 2008   DOI   ScienceOn
7 W. Diffie and M. Hellman, "New directions in cryptology," IEEE Transactions on Information Theory, vol. 22, no. 6 , pp. 644-654, Nov. 1976   DOI
8 A. Durlanik and I. Sogukpinar, "SIP authentication scheme using ECDH," Proceedings of World Academy of Science, Engineering and Technology, pp. 350-353, Oct. 2005
9 D. Geneiatakis and C. Lambrinoudakis, "A lightweight protection mechanism against signaling attacks in a SIP-based VoIP environment, " Telecommunication Systems , vol. 36. no. 4. pp. 153-159, Dec. 2007   DOI   ScienceOn
10 J. Ring, K. Choo, E. Foo, and M. Looi, "A new authentication mechanism and key agreement protocol for SIP using Identity-based cryptography," Proceeding of AusCERT Asia Pacific Information Technology Security Conference , pp. 57-72 , May 2006
11 D. Wing, S. Fries, H. Tschofenig, and F. Audet, "Requirements and analysis of media security management protocols," IETF draft-ietf-sip-media-security-req irements-08, Oct. 2008
12 A. Shamir, "Identity-based cryptosystems and signature schemes," Advances in Cryptology, CRYPTO’84. LNCS 196. pp. 47-53. 1984
13 MIRACL, Multiprecision Integer and Rational Arithmetic C/C++ library, http://www.shamu.ie