A Robust Stream Control Transmission Protocol (SCTP)-Based Authentication Protocol

  • Malek Rekik
  • Amel Makhlouf
  • Mohammad S. Obaidat
  • Faouzi ZaraiEmail author
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 554)


Among the Stream Control Transmission Protocol (SCTP)’s features that make it more robust and efficient than other transport layer protocols, are Multihoming and multistreaming. However, these assets make it more more vulnerable under several attacks. Several researches have been trying to secure SCTP but it is obvious that these efforts can degrade the QoS (Quality of Service) by adding additional delay. Therefore, we propose in this paper a secure authentication protocol for SCTP. Our scheme is designed to protect multihoming networks with reduced number of exchanging messages, and parameters in each message and communicating nodes. We use SPAN (Security Protocol Animator) for AVISPA (Automated Validation of Internet Security Protocols and Applications) tool for analysis and validation of our scheme. The obtained validation results show that the scheme is safe.


Multihoming SCTP Security Authentication AVISPA SPAN 


  1. 1.
    Stewart, R.: Stream Control Transmission Protocol, IETF RFC4960, September 2007.
  2. 2.
    Cano, M.D.: On the use of SCTP in wireless networks. In: Lin, J.-C. (eds.) Recent Advances in Wireless Communications and Networks (2011). ISBN: 978-953307-274-6Google Scholar
  3. 3.
    Bellovin, S., Ioannidis, J., Keromytis, A., Stewart, R.: On the Use of Stream Control Transmission Protocol (SCTP) with IPsec, IETF RFC3554, July 2003.
  4. 4.
    Eronen, P.: IKEv2 Mobility and Multihoming Protocol (MOBIKE), IETF RFC4555, June 2006.
  5. 5.
    Kivinen, T., Tschofenig, H.: Design of the IKEv2 Mobility and Multihoming (MOBIKE) Protocol, IETF RFC 4621, August 2006.
  6. 6.
    Jungmaier, A., Rescorla, E., Tuexen, M., Keromytis, A., Stewart, R.: Transport Layer Security over Stream Control Transmission Protocol, IETF RFC3436, December 2002.
  7. 7.
    Hohendorf, B., Unurkhaan, E., Dreibholz, T.: Secure SCTP draft-hohendorf-secure-sctp-02.txt, August 2006.
  8. 8.
    Tuexen, M., Stewart, R., Lei, P., Rescorla, E.: Authenticated Chunks for the Stream Control transmission Protocol (SCTP), IETF RFC 4895, August 2007.
  9. 9.
    Rekik, M., Meddeb-Makhlouf, A., Zarai, F., Obaidat, M.S.: A SCTP-based authentication protocol: SCTPAP. In: 4th International Conference on Simulation and Modeling Methodologies, Technologies and Applications, Vienna (Austria), August 2014Google Scholar
  10. 10.
    The avispa project.
  11. 11.
  12. 12.
    Dolev, D., Yao, A.: On the security of public-key protocols. IEEE Trans. Inf. Theory 29, 198–208 (1983)zbMATHMathSciNetCrossRefGoogle Scholar
  13. 13.
    Bouabidi, I., Zarai, F., Obaidat, M.S., Kamoun, L.: An efficient design and validation technique for secure handover between 3GPP LTE and WLANs systems. J. Syst. Softw. (JSS) 91, 163–173 (2014). ElsevierCrossRefGoogle Scholar
  14. 14.
    Obaidat, M.S., Boudriga, N.: Security of e-Systems and Computer Networks. Cambridge University Press, Cambridge (2007)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Malek Rekik
    • 1
  • Amel Makhlouf
    • 1
  • Mohammad S. Obaidat
    • 2
  • Faouzi Zarai
    • 1
    Email author
  1. 1.LETI LaboratoryUniversity of SfaxSfaxTunisia
  2. 2.Department of Computer Science and Software EngineeringMonmouth UniversityWest Long BranchUSA

Personalised recommendations