Hacı Hakan KILINÇ, Yolguly ALLABERDİYEV, Tuğrul YANIK

Efficient ID-based authentication and key agreement protocols for the session initiation protocol

In a widely deployed VoIP system tens of thousands of clients compete for the SIP proxy server's authentication service. SIP protocol implementations have to meet certain QoS and security requirements. In this study new ID-based protocols are proposed for the SIP authentication and key agreement protocols. These protocols minimize the use of expensive pairing functions but still resist notable attacks. The security of the proposed protocols are analyzed and demonstrated with security proofs based on the BJM security model. Finally, the performance overhead of the proposed protocols are compared to ID-based SIP authentication and key agreement protocols given in the literature.

Anahtar Kelimeler:

SIP, ID-based cryptography, authentication, key agreement

Efficient ID-based authentication and key agreement protocols for the session initiation protocol

Keywords:

SIP, ID-based cryptography, authentication, key agreement,

PDF

___

Rosenberg J, Schulzrinne H, Camarillo G, Johnston A, Peterson J, Sparks R, Handley M, Schooler E. SIP: Session
Initiation Protocol. Internet Engineering Task Force 2002; RFC 3261.
Geneiatakis D, Dagiouklas A, Kambourakis G, Lambrinoudakis C, Gritzalis S, Ehlert S, Sisalem D. Survey of
security vulnerabilities in session initiation protocol. IEEE Communications Surveys and Tutorials 2006; 8: 68–81.
Salsano S, Veltri L, Papalilo D. SIP security issues: the SIP authentication procedure and its processing load. IEEE
Network 2002; 16: 38–44.
Dantu R, Fahmyb S, Schulzrinne H, Cangussu J. Issues and challenges in securing VoIP. Computers & Security 2009; 28: 743–753.
Franks J, Hallam-Baker P, Hostetler J, Lawrence S, Leach P, Luotonen A, Stewart L. HTTP authentication: basic
and digest access authentication. Internet Engineering Task Force 1999; RFC 2617.
Yang CC, Wang RC, Liu WT. Secure authentication scheme for session initiation protocol. Computers & Security 2005; 24: 381–386.
Durlanik A, Sogukpinar I. SIP authentication scheme using ECDH. Enformatika 2005; 8: 350–353.
Choi J, Jung S, Bae K, Moon H. A lightweight authentication and hop-by-hop security mechanism for sip network.
In: Advanced Technologies for Communications;6-9 Oct 2008; Hanoi,Vietnam; pp. 235–238.
Yoon EJ, Yoo KY. A new authentication scheme for session initiation protocol. In: International Conference on
Complex, Intelligent and Software Intensive Systems;2009; Fukuoka, Japan.
Geneiatakis D, Lambrinoudakis C. A lightweight protection mechanism against signaling attacks in a sip-based
voip environment. Telecommunication Systems 2007; 36: 153–159. [11] Tsai JL.
Efficient nonce-based authentication scheme for session initiation protocol.
International Journal of
Network Security 2009; 8: 312–316.
Dacosta I, Traynor P. Proxychain: Developing a robust and efficient authentication infrastructure for carrier-scale VoIP networks. In: Proceedings of the 2010 USENIX Conference on USENIX Annual Technical Conference; 2010; pp. 10–10.
Srinivasan R, Vaidehi V, Harish K, LakshmiNarasimhan K, LokeshwerBabu S, Srikanth V.Authentication of signaling in VoIP applications. In: 11th Asia Pacific Conference on Communication(APCC);2005; Perth, Australia.
Nodooshan AM, Darmani Y, Jalili R, Nourani M. A robust and efficient SIP authentication scheme. Communications
in Computer and Information Science 2009; 6: 551–558.
Ring J, Choo KKR, Foo E, Looi M. A new authentication mechanism and key agreement protocol for SIP using identity-based cryptography. In: AusCERT Asia Pacific Information Technology Security Conference; 23 May 2006; Gold Coast, Australia.
Han K, Yeun C, Kim K. Design of secure VoIP using Id-based cryptosystem. In: The Symposium on Cryptography and Information Security (SCIS2008); 22-25 January 2008; Miyazaki,Japan.
Wang F, Zhang Y. A new provably secure authentication and key agreement mechanism for SIP using certificateless public-key cryptography. Computer Communication 2008; pp. 2142–2149.
Kilinc HH, Allaberdiyev Y, Yanik T. Performance evaluation of Id based authentication methods in the SIP protocol. In: Application of Information And Communication Technologies 3rd IEEE International Conference (AICT 2009); 2009.
Ni L, Chen G, Li J. A pairing-free identity-based authenticated key agreement mechanism for sip. In: Proceedings of the 2011 International Conference on Network Computing and Information Security - Volume 01(NCIS 2011); 2011; Washington, DC, USA; pp. 209–217.
Chen L, Kudla C. Identity based authenticated key agreement protocols from pairings. CSFW; 2003; pp. 219–233.
Hess F. Efficient identity based signature schemes based on pairings. In: Proceedings of the 9thWorkshop on Selected Areas in Cryptography; 2003; pp. 310–324.
Okamoto T, Tso R, Okamoto E. One-way and two-party authenticated id-based key agreement protocols using pairing. Modeling Decisions for Artificial Intelligence 2005; 3558/2005: 122–133.
Patil HK, Chen TM, Willis D, Nguyen N. Authentication in SIP using identity based signature scheme. In: NIST workshop on Applications of Pairing-Based Cryptography: Identity-Based Encryption and Beyond; 3-4 June 2008; Gaithersburg, Maryland, USA.
Al-Riyami S, Paterson K. Certificateless public key cryptography. Advances in Cryptology-Asiacrypt 2003; 2894: 452–473.
Choon JC, Cheon JH. An identity-based signature from Gap Diffie-Hellman Groups. In: 6th International Workshop on Practice and Theory in Public Key Cryptography (PKC2003); January 2003; Miami, FL, USA; pp. 18–30.
Lynn B. Pairing-based cryptography library, available at http://crypto.stanford.edu/pbc/, accessed: 14 February 2013.
OpenSIPs, available at http://www.opensips.org/, accessed: 14 February 2013.
Shamir A. Identity-based cryptosystems and signature schemes. In: Advances in Cryptology: Proceedings of CRYPTO 84; 1984; pp. 47–53.
Boneh D, Franklin MK. Identity-based encryption from the Weil Pairing. In: Advances in Cryptology: Proceedings of CRYPTO 01; 2001; pp. 213–229.
Blake-Wilson S, Johnson D, Menezes A. Key agreement protocols and their security analysis. In: Proceedings of the 6th IMA International Conference on Cryptography and Coding; 1997; London, UK; pp. 30–45.
Bellare M, Rogaway P. Entity authentication and key distribution. In: Proceedings of the 13th annual international cryptology conference on Advances in cryptology (CRYPTO’93); 1994; New York, NY, USA; pp. 232–249.
Strangio MA. On the resilience of key agreement protocols to key compromise impersonation. Cryptology ePrint Archive, Report 2006/252, 2006, available at http://eprint.iacr.org/2006/252, accessed: 14 February 2013.
Cheon JH, Lee DH. Diffie-hellman problems and bilinear maps. Cryptology ePrint Archive, Report 2002/117, 2002,
Hankerson D, Menezes AJ, Vanstone S. Guide to Elliptic Curve Cryptography. New York, USA: Springer-Verlag, 2004.