Session Initiation Protocol (SIP) is an application-layer signaling and control protocol for creating, modifying and terminating sessions including Internet telephone calls, multimedia distribution and multimedia conferences. Flexible, extensible and open, SIP has a complete security mechanism that allows security of both media and signaling. SIP RFC recommends the use of TLS or DTLS (Datagram TLS defined in RFC 4347) to provide an adequate level of protection against attacks. However, missing from these protocols is a way to perform non-repudiation service. In this paper we propose to modify some header fields in the SIP messages in order to allow them to perform non-repudiation service over TLS. This modification provides the User Agents (UAs) the ability to sign their SIP messages using certificates such as X.509.
[1]
Mark Handley,et al.
SIP: Session Initiation Protocol
,
1999,
RFC.
[2]
Jari Arkko,et al.
Security Mechanism Agreement for the Session Initiation Protocol (SIP)
,
2003,
RFC.
[3]
Thomas J. Walsh,et al.
Security Considerations for Voice Over IP Systems
,
2005
.
[4]
Henning Schulzrinne,et al.
SIP Security
,
2009
.
[5]
Kumiko Ono,et al.
Requirements for End-to-Middle Security for the Session Initiation Protocol (SIP)
,
2005,
RFC.
[6]
Luca Veltri,et al.
SIP security issues: the SIP authentication procedure and its processing load
,
2002
.
[7]
Andreas Steffen,et al.
SIP Security
,
2004,
DFN-Arbeitstagung über Kommunikationsnetze.
[8]
Eric Rescorla,et al.
Datagram Transport Layer Security
,
2006,
RFC.