Secure SIP authentication scheme supporting lawful interception

Security and Communication Networks

Volumn 6, Issue 3, 2013, Pages 340-350

  Pu, Qiong ^a,b,c   Wang, Jian ^a   Wu, Shuhua ^b,c,d  

^a TONGJI UNIVERSITY   (China)

^b UNIVERSITY OF CHINESE ACADEMY OF SCIENCES   (China)

^c INFORMATION ENGINEERING UNIVERSITY   (China)

^d SHANGHAI JIAO TONG UNIVERSITY   (China)

Author keywords

Authentication; Elliptic curve; Lawful interception; SIP; VoIP

Indexed keywords

AUTHENTICATION; CRYPTOGRAPHY; INTERNET TELEPHONY; NETWORK SECURITY;

AUTHENTICATION AND KEY AGREEMENTS; AUTHENTICATION SCHEME; ELLIPTIC CURVE; ELLIPTIC CURVE CRYPTOSYSTEMS; LAWFUL INTERCEPTION; MEDIA STREAMS; MULTIMEDIA SESSIONS; PASSWORD-GUESSING ATTACKS; PROVABLE SECURITY; SESSION INITIATION PROTOCOL; SIGNALING PROTOCOL; SIP; SIP SERVER; VOIP;

INTERNET PROTOCOLS;

EID: 84874300958     PISSN: 19390114     EISSN: 19390122     Source Type: Journal    
DOI: 10.1002/sec.568     Document Type: Article

References (38)

1. Martine M, Henrikson E, Mills D. Private header (P-header) extensions to the session initiation protocol (SIP) for the 3rd-generation partnership project (3GPP). IETF RFC 3455, 2003.
2. Franks J, Hallam-Baker P, Hostetler J, et al. HTTP authentication: basic and digest access authentication. IETF RFC 2617, 1999.
3. Salsano S, Veltri L, Papalilo D. SIP security issues: the SIP authentication procedure and its processing load. IEEE Network 2002; 16(16):38-44.
4. Geneiatakis D, Dagiuklas T, Kambourakis G, Lambrinoudakis C, Gritzalis S. Survrery of security vulnerabilities in session initial protocol. IEEE Communications surveys and tutorials 2006; 8(3):68-81.
5. Sisalemd D, Kuthan J, Ehlerts S. Denial of service attacks targeting a SIP VoIP infrastructure: stack scenarios and prevention mechanisms. IEEE Network 2006; 20(5):26-31.
6. Andreas S, Daniel K, Andreas S. SIP security. Security group, CH-8401, 2004.
7. Yoon E, Yoo K, Kim C, Hong Y, Jo M, Chen H. A secure and efficient SIP authentication scheme for converged VoIP networks. Computer Communications 2010; 33(14):1674-1681.
8. Vesterinen P. User authentication in SIP. TKK T-110.5290 seminar on Network Security, 12-11/12, 2006.
9. Yang C, Wang R, Liu W. Secure authentication scheme for session initiation protocol. Computer and Security 2005; 24:381-386.
10. Ring J, Choo K, Foo E, Looi M. A new authentication mechanism and key agreement protocol for SIP using identity-based cryptography. Proc. of AusCert R&D Stream 2006; 61-72.
11. Wang F, Zhang Y. A new provably secure authentication and key agreement mechanism for SIP using certificateless public-key cryptography. Computer Communication 2008; 31:2142-2149.
12. Dimitris G, Costas L. A lightweight protection mechanism against signaling attacks in a SIP-Based VoIP environment. Telecommunication Systems 2007; 36(4):153-159.
13. Wu L, Zhang Y, Wang F. A new provably secure authentication and key agreement protocol for SIP using ECC. Computer Standard and Interfaces 2009; 31(2):286-291.
14. Liao Y, Wang S. A new secure password authenticated key agreement scheme for SIP using self-certified public keys on elliptic curves. Computer Communications 2010; 33(3):372-380.
15. Hankerson D, Menezes A, Vanstone S. Guide to Elliptic Curve Cryptography. Springer-Verlag: New York, USA, 2004.
16. Koblitz N. Elliptic curve cryptosystem. Mathematics of Computation 1987; 48:203-209.
17. Boyd C, Montague P, Nguyen K. Elliptic curve based password authenticated key exchange protocols. Proc. of ACISP'01. 2001; 487-501.
18. Han K, Yeun C, Shon T, Park J, Kim K. A scalable and efficient key escrow model for lawful interception of IDBC-based secure communication. International Journal of Communication Systems 2011; 24(4):461-472.
19. Rosenberg J, Schulzrinne H, Camarillo G, et al. SIP: session initiation protocol. IETF RFC 3261, 2002.
20. Arshad R, Ikram N. Elliptic curve cryptography based mutual authentication scheme for session initiation protocol. Multimedia Tools and Applications 2011. doi:10.1007/s11042-011-0787-0.
21. Abdalla M, Pointcheval D. Simple password-based encrypted key exchange protocols. Proc. of CT-RSA'05(LNCS 3376). 2005; 191-208.
22. Chevassut O, Fouque P, Gaudry P, Pointcheval D. Key derivation and randomness extraction. 2005, http://eprint.iacr.org/2005/061.pdf.
23. Karopoulos G, Kambourakis G, Gritzalis S, Konstantinou E. A framework for identity privacy in SIP. Journal of Network and Computer Applications 2010; 33:16-28.
24. Blake I, Seroussi G, Smart N. Elliptic Curves in Cryptography. Cambridge University Press: Cambridge, 1999.
25. Blake I, Murty K, Xu G. Refinements of Miller's algorithm for computing Weil/Tate pairing. Journal of Algorithms 2006; 58(2): 134-149.
26. Miller V. Short programs for functions on curves. Unpublished Manuscrip. 1986, http://crypto.stanford.edu/miller/miller.pdf.
27. Barreto P, Kim H, Lynn B. Efficient algorithms for pairing-based cryptosystems. Proc. of CRYPTO'02 (LNCS 2442), 2002; 354-368.
28. Galbraith S, Harrison K, Soldera D. Implementing the Tate pairing. Proc. of ANTS-V (LNCS 2369), 2002; 324-337.
29. 3rd Generation Partnership Project. TS 33.106: 'Lawful Interception Requirements'. V8.1.0 edn, 2008.
30. Yoon E, Shin Y, Jeon I, Yoo K. Robust mutual authentication with a key agreement scheme for the session initiation protocol. IETE Technical Review 2010; 27(3):203-213.
31. Xie Q. A new authenticated key agreement for session initiation protocol. International Journal of Communication Systems 2011. doi:10.1002/dac.1286.
32. Bresson E, Chevassut O, Pointcheval D. New security results on encrypted key exchange. Proc. of PKC'04 (LNCS 2947). Springer-Verlag: Berlin, 2004; 145-158.
33. Abdalla M, Pointcheval D. Interactive Diffie-Hellman assumptions with applications to password-based authentication. In Proc. of FC'05. Springer-Verlag, 2005; 341-356.
34. Choo K, Boyd C, Hitchcock Y. Examining indistinguishability-based proof models for key establishment protocols. In Proc. of ASIACRYPT'05. Springer-Verlag, 2005; 585-604.
35. Bellare M, Pointcheval D, Rogaway P. Authenticated key exchange secure against dictionary attacks. In Proc. of EUROCRYPT'00. Springer-Verlag, 2000; 139-155.
36. Abdalla M, Bellare M, Rogaway P. The oracle Diffie-Hellman assumptions and an analysis of DHIES. In Proc. of CT-RSA'01. Springer-Verlag, 2001; 143-158.
37. Abdalla M, Chevassut O, Pointcheval D. One-time verifier-based encrypted key exchange. In Proc. ofPKC'05. Springer-Verlag, 2005; 47-64.
38. Okamoto T, Pointcheval D. The gap-problems: a new class of problems for the security of cryptographic schemes. In Proc. of PKC'01. Springer-Verlag, 2001; 104-118.