Efficient ID-based authentication and key agreement protocols for the session initiation protocol

In a widely deployed VoIP system tens of thousands of clients compete for the SIP proxy server's authentication service. SIP protocol implementations have to meet certain QoS and security requirements. In this study new ID-based protocols are proposed for the SIP authentication and key agreement protocols. These protocols minimize the use of expensive pairing functions but still resist notable attacks. The security of the proposed protocols are analyzed and demonstrated with security proofs based on the BJM security model. Finally, the performance overhead of the proposed protocols are compared to ID-based SIP authentication and key agreement protocols given in the literature.

[1]  Jia Lun Tsai Efficient Nonce-based Authentication Scheme for Session Initiation Protocol , 2009, Int. J. Netw. Secur..

[2]  Raylin Tso,et al.  One-Way and Two-Party Authenticated ID-Based Key Agreement Protocols Using Pairing , 2005, MDAI.

[3]  Maurizio Adriano Strangio On the Resilience of Key Agreement Protocols to Key Compromise Impersonation , 2006, EuroPKI.

[4]  V. Vaidehi,et al.  Authentication of Signaling in VoIP Applications , 2005, 2005 Asia-Pacific Conference on Communications.

[5]  Liang Ni,et al.  A Pairing-Free Identity-Based Authenticated Key Agreement Mechanism for SIP , 2011, 2011 International Conference on Network Computing and Information Security.

[6]  Tugrul Yanik,et al.  Performance evaluation of ID based authentication methods in the SIP protocol , 2009, 2009 International Conference on Application of Information and Communication Technologies.

[7]  Jung Hee Cheon,et al.  An Identity-Based Signature from Gap Diffie-Hellman Groups , 2003, Public Key Cryptography.

[8]  Costas Lambrinoudakis,et al.  Survey of security vulnerabilities in session initiation protocol , 2006, IEEE Communications Surveys & Tutorials.

[9]  Costas Lambrinoudakis,et al.  A lightweight protection mechanism against signaling attacks in a SIP-based VoIP environment , 2007, Telecommun. Syst..

[10]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[11]  Henning Schulzrinne,et al.  Issues and challenges in securing VoIP , 2009, Comput. Secur..

[12]  Mihir Bellare,et al.  Entity Authentication and Key Distribution , 1993, CRYPTO.

[13]  Yuqing Zhang,et al.  A New Provably Secure Authentication and Key Agreement Mechanism for SIP Using Certificateless Public-Key Cryptography , 2007, 2007 International Conference on Computational Intelligence and Security (CIS 2007).

[14]  Lawrence C. Stewart,et al.  HTTP Authentication: Basic and Digest Access Authentication , 1999 .

[15]  Dong Hoon Lee,et al.  Diffie-Hellman Problems and Bilinear Maps , 2002, IACR Cryptol. ePrint Arch..

[16]  Souhwan Jung,et al.  A lightweight authentication and hop-by-hop security mechanism for SIP network , 2008, 2008 International Conference on Advanced Technologies for Communications.

[17]  Rasool Jalili,et al.  A Robust and Efficient SIP Authentication Scheme , 2008 .

[18]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[19]  Kwangjo Kim,et al.  Design of Secure VoIP using ID-Based Cryptosystem , 2008 .

[20]  Eun-Jun Yoon,et al.  A New Authentication Scheme for Session Initiation Protocol , 2009, 2009 International Conference on Complex, Intelligent and Software Intensive Systems.

[21]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[22]  Liqun Chen,et al.  Identity based authenticated key agreement protocols from pairings , 2003, 16th IEEE Computer Security Foundations Workshop, 2003. Proceedings..

[23]  Chou Chen Yang,et al.  Secure authentication scheme for session initiation protocol , 2005, Comput. Secur..

[24]  Alfred Menezes,et al.  Key Agreement Protocols and Their Security Analysis , 1997, IMACC.

[25]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[26]  Luca Veltri,et al.  SIP security issues: the SIP authentication procedure and its processing load , 2002 .

[27]  Ibrahim Sogukpinar,et al.  SIP Authentication Scheme using ECDH , 2007 .

[28]  Florian Hess,et al.  Efficient Identity Based Signature Schemes Based on Pairings , 2002, Selected Areas in Cryptography.

[29]  Ernest Foo,et al.  A new authentication mechanism and key agreement protocol for SIP using identity-based cryptography , 2006 .

[30]  Patrick Traynor,et al.  Proxychain: Developing a Robust and Efficient Authentication Infrastructure for Carrier-Scale VoIP Networks , 2010, USENIX Annual Technical Conference.

[31]  Mark Handley,et al.  SIP: Session Initiation Protocol , 1999, RFC.