Enhancement of SIP Signaling for Integrity Verification

SIP has an authenticated identity management mechanism, named SIP Identity (in RFC4474), that has integrity verification as part of it. SIP Identity uses the public key infrastructure (PKI), which entails certificate management whereby parties get a certificate from the certificate authority (CA) and periodically update it. This presents problems when a user agent (UA) uses SIP Identity. In this paper, we propose a verification mechanism to ensure the integrity of a call flow that does not require lots of effort on the part of the UA. By using our mechanism and SIP Identity, we can ensure the end-to-end integrity of a call flow without a user-level PKI. We apply the verification mechanism to ZRTP, which is a key agreement protocol for SRTP, and validate it.