nach oben

Peer-to-Peer Networking and Applications

Erschienen in:

01.01.2016

A lightweight privacy preserving authenticated key agreement protocol for SIP-based VoIP

verfasst von: Liping Zhang, Shanyu Tang, Shaohui Zhu

Erschienen in: Peer-to-Peer Networking and Applications | Ausgabe 1/2016

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Session Initiation Protocol (SIP) is an essential part of most Voice over Internet Protocol (VoIP) architecture. Although SIP provides attractive features, it is exposed to various security threats, and so an efficient and secure authentication scheme is sought to enhance the security of SIP. Several attempts have been made to address the tradeoff problem between security and efficiency, but designing a successful authenticated key agreement protocol for SIP is still a challenging task from the viewpoint of both performance and security, because performance and security as two critical factors affecting SIP applications always seem contradictory. In this study, we employ biometrics to design a lightweight privacy preserving authentication protocol for SIP based on symmetric encryption, achieving a delicate balance between performance and security. In addition, the proposed authentication protocol can fully protect the privacy of biometric characteristics and data identity, which has not been considered in previous work. The completeness of the proposed protocol is demonstrated by Gong, Needham, and Yahalom (GNY) logic. Performance analysis shows that our proposed protocol increases efficiency significantly in comparison with other related protocols.

Vorheriger Artikel Tree-based data retrieval algorithm for multi-item request with deadline in wireless networks

Nächster Artikel A free rider aware topological construction strategy for search in unstructured P2P networks

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Rosenberg J, Schulzrinne H et al. (2002) SIP: Session Initiation Protocol. RFC 3261, June

Geneiatakis D, Lambrinoudakis C, Kambourakis G (2008) An ontology based-policy for deploying secure sip-based voip services. Comput Secur 27(7–8):285–297CrossRef

Franks J, Hallam-Baker P, Hostetler J et al. (1999) HTTP Authentication: Basic and Digest Access Authentication. Internet Engineering Task Force, RFC 2617

Kilinc HH, Yanik T (2013) A survey of SIP authentication and key agreement schemes. IEEE Commun Surv Tutor. doi:10.1109/SURV.2013.091513.00050 MATH

Yanik T, Kilinc HH, Sarioz M, Erdem SS (2008) Evaluating SIP Proxy Servers Based on Real Performance Data. SPECTS2008

Yang C, Wang R, Liu W (2005) Secure authentication scheme for session initiation protocol. Comput Secur 24:381–386CrossRef

Jo H, Lee Y et al. (2009) Off-line Password-Guessing Attack to Yang’s and Huang’s Authentication Schemes for Session Initiation Protocol. In proceedings of INC, IMS and IDC, pp. 618–621

Durlanik A, Sogukpinar I (2005) SIP authentication scheme using ECDH. Enformatika 8:350–353

Yoon E-J, Yoo K-Y (2009) Cryptanalysis of DS-SIP Authentication Scheme Using Ecdh. In Proceedings of the 2009 International Conference on New Trends in Information and Service Science, Washington, DC, USA, pp. 642–647

10.

Wu L, Zhang Y, Wang F (2009) A new provably secure authentication and key agreement protocol for SIP using ECC. Comput Stand Interfaces 31(2009):286–291MathSciNetCrossRef

11.

Yoon EJ, Yoo KY et al (2010) A secure and efficient SIP authentication scheme for converged VoIP networks. Comput Commun 33(2010):1674–1681CrossRef

12.

Srinivasan R, Vaidehi V, Harish K, LakshmiNarasimhan K, LokeshwerBabu S, Srikanth V (2005) Authentication of Signaling in VoIP Applications. In APCC, Perth, Australia, October

13.

Nodooshan AM, Darmani Y et al (2009) A robust and efficient SIP authentication scheme. Commun Comput Inf Sci 6:551–558CrossRef

14.

Arshad R, Ikram N (2013) Elliptic curve cryptography based mutual authentication scheme for session initiation protocol. Multimed Tools Appl 66(2013):165–178CrossRef

15.

He D, Chen J, Chen Y (2012) A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography. Secur Commun Netw 5(12):1423–1429CrossRef

16.

Pu Q, Wang J, Wu S (2013) Secure SIP authentication scheme supporting lawful interception. Secur Commun Netw 6:340–350CrossRef

17.

Yoon E, Yoo K (2010) A three-factor authenticated key agreement scheme for SIP on elliptic curves. 2010 Fourth International Conference on Network and System Security, pp 334–339

18.

Yeh H-L, Chen T-H, Shih W-K (2013) Robust smart card secured authentication scheme on SIP using elliptic curve cryptography. Comput Stand Interfaces 36(2):397–402CrossRef

19.

Ring J, Choo K-KR, Foo E, Looi M, Ne A (2006) Authentication Mechanism and Key Agreement Protocol for SIP Using Identitybased Cryptography. In AusCERT Asia Pacific Information Technology Security Conference, Gold Coast, Australia, 23 May, pp 61–72

20.

Han K, Yeun C, Kim K (2008) Design of Secure VoIP using ID-Based Cryptosystem. In The Symposium on Cryptography and Information Security (SCIS2008), Miyazaki,Japan, Jan. 22–25

21.

Wang F, Zhang Y (2008) A new provably secure authentication and key agreement mechanism for SIP using certificateless public-key cryptography. Comput Commun 31(10):2142–2149CrossRef

22.

Li X, Zhang Y, Zhang G (2012) A new certificateless authenticated key agreement protocol for SIP with different KGCs. Secur Commun Netw. doi:10.1002/SEC.595

23.

Tao C, Qiang G, Baohong H (2008) A lightweight authentication scheme for session initiation protocol. In Proc. ICCCAS, pp 502–505

24.

Tsai JL (2009) Efficient Nonce-based authentication scheme for session initiation protocol. Int J Netw Secur 9(1):12–16

25.

Yoon E, Shin Y, Jeon I, Yoo K (2010) Robust mutual authentication with a key agreement scheme for the session initiation protocol. IETE Tech Rev 27(2010):203–213CrossRef

26.

Xie Q (2012) A new authenticated key agreement for session initiation protocol. Int J Commun Syst 25(1):47–54CrossRef

27.

Khan MK, Zhang J (2007) Improving the security of ‘a flexible biometrics remote user authentication scheme’. Comput Stand Interfaces 29(2007):82–85CrossRef

28.

Yoon E-J, Yoo K-Y (2013) Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem. J Supercomput 63:235–255CrossRef

29.

Yan X, Li W, Li P, Wang J, Hao X, Gong P (2013) A secure biometrics-based authentication scheme for telecare medicine information systems. J Med Syst 37:9972. doi:10.1007/s10916-013-9972-1 CrossRef

30.

Li C-T, Hwang M-S (2010) An efficient biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 33:1–5CrossRef

31.

Chen C-L, Lee C-C, Hsu C-Y (2012) Mobile device integration of a fingerprint biometric remote authentication scheme. Int J Commun Syst 25:585–597CrossRef

32.

Chuang M, Chen M (2014) An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics. Exp Syst Appl 41(2014):1411–1418MathSciNetCrossRef

33.

Li X, Niu J et al (2011) Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 34(2011):73–79MATHCrossRef

34.

Hao F, Anderson R, Daugman J (2006) Combining cryptography with biometrics effectively. IEEE Trans Comput 55(9):1081–1088CrossRef

35.

Gong L, Needham R, Yahalom R (1990) Reasoning about belief in cryptographic protocols. Proceedings of IEEE Computer Society Symp. Research in Security and Privacy, Oakland, CA, 7–9 May, pp 234–248

36.

Burrows M, Abadi M, Needham R (1990) A logic of authentication. ACM Trans Comput Syst 8:18–36CrossRef

Titel: A lightweight privacy preserving authenticated key agreement protocol for SIP-based VoIP
verfasst von: Liping Zhang
Shanyu Tang
Shaohui Zhu
Publikationsdatum: 01.01.2016
Verlag: Springer US
Erschienen in: Peer-to-Peer Networking and Applications / Ausgabe 1/2016
Print ISSN: 1936-6442
Elektronische ISSN: 1936-6450
DOI: https://doi.org/10.1007/s12083-014-0317-8

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 1/2016

A novel fairness-aware parallel download scheme

Tree-based data retrieval algorithm for multi-item request with deadline in wireless networks

A free rider aware topological construction strategy for search in unstructured P2P networks

A scalable and automatic mechanism for resource allocation in self-organizing cloud

A channel-hopping scheme for continuous rendezvous and data delivery in cognitive radio network

NetSecCC: A scalable and fault-tolerant architecture for cloud computing security