Card image

Scholarly

Volume:1, Issue: 8, 2007 Page No: 2570 - 2573

International Journal of Information, Control and Computer Sciences

ISSN: 2517-9942

1957 Downloads
Abstract Full Text Download References Share Add to Favorites
DOI:10.5281/zenodo.1077912 BibTeX JSON

SIP Authentication Scheme using ECDH

SIP (Session Initiation Protocol), using HTML based call control messaging which is quite simple and efficient, is being replaced for VoIP networks recently. As for authentication and authorization purposes there are many approaches and considerations for securing SIP to eliminate forgery on the integrity of SIP messages. On the other hand Elliptic Curve Cryptography has significant advantages like smaller key sizes, faster computations on behalf of other Public Key Cryptography (PKC) systems that obtain data transmission more secure and efficient. In this work a new approach is proposed for secure SIP authentication by using a public key exchange mechanism using ECC. Total execution times and memory requirements of proposed scheme have been improved in comparison with non-elliptic approaches by adopting elliptic-based key exchange mechanism.
Authors:
Keywords:
References:
[1] RFC 3261 - SIP: Session Initiation Protocol, June 2002.
[2] PROTOS - Security Testing of Protocol Implementations". University of
Oulu, http://www.ee.oulu.fi/research/ouspg/protos/] ,Jan 2005.
[3] Goh, E.-J., and Jarecki, S. A signature scheme as secure as the Diffie-
Hellman problem. In Advances in Cryptology. Proceedings of
EUROCRYPT 2003 (2003), vol. 2656 of Lecture Notes in Computer
Science, Springer-Verlag, pp. 401-415
[4] Yang C-C., Wang R-C., Liu W-T., Secure Authentication Scheme for
Session Initiation Protocol, http://www.sciencedirect.com/science/
journal/01674048, Computers&Security (2004).
[5] Johnston, Alan B., SIP: Understanding the Session Initiation Protocol,
Second Edition, Artech House, 2004.
[6] RFC 2617 - HTTP Authentication: Basic and Digest Access
Authentication, June 1999.
[7] Glass, E., The NTLM Authentication Protocol,
http://sourceforge.net/ntlm, 2003.
[8] RFC 3310 - Hypertext Transfer Protocol (HTTP) Digest Authentication
and Key Agreement (AKA), September 2002.
[9] NIST, Recommended Elliptic Curves for Federal Government Use, July
1999.
[10] Branovic, I., Giorgi, R., Martinelli, E., A workload Characterization of
Elliptic Curve Cryptography Methods in Embedded Environments,
ACM SIGARCH Computer Architecture News, Vol.32, No.3, June
2004.