
Practical authentication scheme for SIP

Peer-to-Peer Networking and Applications

Abstract

The Session Initiation Protocol (SIP) is commonly used to establish Voice over IP (VoIP) calls. However, the original authentication scheme for SIP-based services typically uses the HTTP Digest authentication protocol, which does not provide security at an acceptable level. In this paper, we propose a secure and practical password-only authenticated key agreement scheme for SIP using elliptic curve cryptography (ECC). Our scheme is remarkably efficient and quite simple to use, yet we can still provide a rigorous proof of its security. Therefore, the end result is better suited as a candidate SIP authentication scheme. In addition, we also suggest an extended scheme capable of providing anonymity, privacy, and location privacy to protect the user's personal information and real identity.



Acknowledgements

This work was supported in part by the National Natural Science Foundation of China (No. 61101112) and China Postdoctoral Science Foundation (2011M500775).

Author information

Correspondence to Shuhua Wu.

About this article

Cite this article

Wu, S., Pu, Q. & Kang, F. Practical authentication scheme for SIP. Peer-to-Peer Netw. Appl. 6, 61–74 (2013). https://doi.org/10.1007/s12083-012-0129-7

  • DOI: https://doi.org/10.1007/s12083-012-0129-7
