Browse > Article
http://dx.doi.org/10.13089/JKIISC.2012.22.3.463

Efficient and Secure User Authentication and SDP Encryption Method in SIP  

Kim, Jung-Je (Graduate School of Information Security, Korea University)
Chung, Man-Hyun (Graduate School of Information Security, Korea University)
Cho, Jae-Ik (Graduate School of Information Security, Korea University)
Shon, Tae-Shik (Division of Information and Computer Engineering, Ajou University)
Moon, Jong-Sub (Graduate School of Information Security, Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.22, no.3, 2012 , pp. 463-472 More about this Journal
Abstract
This paper propose a security method that performs mutual authentication between the SIP UA and the server, check for integrity of the signaling channel and protection of SDP information for VoIP using a One-Time Password. To solve the vulnerability of existing HTTP Digest authentication scheme in SIP, Various SIP Authentication schemes have been proposed. But, these schemes can't meet security requirements of SIP or require expensive cryptographic operations. Proposed method uses OTP that only uses hash function and is updated each authentication. So Proposed method do not require expensive cryptographic operations but performs user authentication efficiently and safely than existing methods. In addition, Proposed method verifies the integrity of the SIP messages and performs SDP encryption/decryption through OTP that used for user authentication. So Proposed method can reduce communication overhead when applying S/MIME or TLS.
Keywords
VoIP Security; OTP; SIP; User Authentication;
Citations & Related Records
연도 인용수 순위
  • Reference
1 C. Yang, R. Wang, and W. Liu, "Secure authentication scheme for session initiation protocol", Computers & Security, vol. 24, no. 5, pp. 381-386, Aug. 2005.   DOI   ScienceOn
2 최재덕, 정수환, "효율적이고 안전한 SIP 사용자 인증 및 키 교환", 정보보호학회논문지, 19(3), pp. 73-82, 2009년 6월.
3 J. Ring, K. Choo, E. Foo, and M. Looi, "A New Authentication Mechanism and Key Agreement Protocol for SIP Using Identity-based Cryptography", Proceeding of AusCERT Asia Pacific Information Technology Security Conference, pp. 57-72, May 2006.
4 C. Yeun, K. Han, and K. Kim, "New Novel Approaches for Securing VoIP Applications", Sixth International Workshop for Applied PKC, Dec. 2007.
5 T. Guillet, R. Moalla, A. Serhrouchni, and A. Obaid, "SIP Autehntication based on HOTP", Proceedings of the 7th international conference on Information, communications and signal processing, pp. 685-688, Dec. 2009.
6 H. Krawczyk, M. Bellare, and R. Canetti, "HMAC: Keyed-Hashing for Message Authentication", IETF RFC 2104, Feb. 1997.
7 YaSSL, http://www.yassl.com/yaSSL/Products-cyassl.html
8 PBC Library, http://crypto.stanford.edu/pbc/download.html
9 강신각, "인터넷 텔레포니(VolP) 포럼 (www. voip-forum.or.kr)", TTA 저널, 84, pp. 176-181, 2002년 11월.
10 J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Sparks, M. Handley, and E. Schooler, "SIP: Session Initiation Protocol", IETF RFC 3261, June 2002.
11 J. Franks, P. Hallam-Baker, J. Hostetler, S. Lawrence, P. Leach, A. Luotonen, and L. Stewart, "HTTP Authentication: Basic and Digest Access Authentication", IETF RFC 2617, June 1999.
12 T. Dierks and E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.2", IETF RFC 5246, Aug. 2008.
13 S Turner, "Secure/Multipurpose Internet Mail Extensions", IEEE Internet Computing, vol. 14, no. 5, pp. 82-86, Sep. 2010.   DOI
14 M. Handley, V. Jacobson, and C. Perkins, "SDP: Session Description Protocol", IETF RFC 4566, July 2006.
15 E. Rescorla, "Diffie-Hellman Key Agreement Method", IETF RFC 2631, June 1999.
16 A. Shamir, "Identity-Based Cryptosystems and Signature Schemes", Advance in Cryptology, CRYPTO'84, LNCS 196, pp. 47-53, 1985.
17 D. M'Raihi, M. Bellare, F. Hoornaert, D. Naccache, and O. Ranen, "HOTP: An HMAC-based One-Time Password Algorithm", IETF RFC 4226, Dec. 2005.
18 N. Haller, C. Metz, P. Nesser, and M. Straw, "A One-Time Password System", IETF RFC 2289, Feb. 1998.
19 F. Andreasen, M. Baugher, and D. Wing, "Session Description Protocol Security Description for Media Streams", IETF RFC 4568, July 2006.