The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Today, Session Initiation Protocol (SIP) is considered as predominant protocol for Voice over IP (VoIP) systems. When the client require to use SIP services, as a demand of accessing proxy server, authentication will be important challenge. SIP protocol presents SIP request authentication through a challenge-response scheme named HTTP Digest Authentication which is inherited from HTTP protocol, but...
Security is one of the key issues on Session Initial Protocol (SIP) based Internet multimedia communication system, and there are various SIP attacks which have employed forged source addresses. Combining the SIP architecture and source address validation, we propose a new SIP security architecture, including a new security framework, a two-way authentication algorithm and an IBS based identity security...
The session initiation protocol (SIP) is the most widely used signaling protocol for controlling communication on the internet, establishing, maintaining, and terminating the sessions. The services that are enabled by SIP are equally applicable in the world of wireless communication. Recently, Tsai proposed an efficient nonce-based authentication scheme for SIP. In this paper, we do a cryptanalysis...
The SIP authentication mechanism implemented in most applications is the HTTP Digest Authentication. This mechanism is easy to implement and delivers high performance results. But the weaknesses of this authentication method are not acceptable where security is of high concern. The ID based authentication mechanisms do not suffer from the vulnerabilities of secret based authentication schemes. Also...
The session initiation protocol (SIP) is an application-layer control protocol for creating, modifying, and terminating sessions with one or more participants in the IP-based telephony environment.Yang et al. and Huang et al. proposed a secure authentication scheme for session initiation protocol.Yang's scheme is based on Deffi-Hellman key agreement scheme and a combination of hash functions. In 2006,...
Voice over IP is gaining more popularity in today's communications. The Session Initiation Protocol (SIP) is the most popular VoIP signalling protocol is vulnerable to many kinds of attacks. Among all these attack, flood-based denial of service attacks have been identified as the biggest threat to SIP. Even though a great deal of research has been conducted into mitigating denial of service attacks,...
In 2008, Tsai proposed an efficient nonce-based authentication scheme for Session Initiation Protocol (SIP). The current paper, however,demonstrates that Tsai's authentication scheme is still vulnerable to off-line password guessing attacks, Denning-Sacco attack and stolen-verifier attacks, and does not provide perfect forward secrecy. We also propose a new secure and efficient authentication scheme...
VoIP provides multimedia (audio and video, etc) services through Internet Network. Due to the characteristic of Internet, there are many attacks and threats in Internet, so are VoIP. Therefore, user authentication, confidentiality, and integrity of signaling message, media stream are required for secure communication. TLS and S/MIME are proposed for SIP signaling message protection and SRTP for media...
In 2008, Wu et al. proposed a new authentication and key exchange (NAKE) protocol based on elliptic curve cryptography for session initiation protocol, which provides provable security in CK security model. This paper, however, demonstrates that Wu et al.'s NAKE protocol is vulnerable to off-line password guessing attacks and then presents an improved protocol in order to isolate such a problem.
The session initiation protocol (SIP) is rapidly becoming the dominant signalling protocol for calls over the Internet. It has quickly made large inroads into the voice over IP (VoIP) market. SIP is an application-layer control operating on top of a transport protocol and allows to create, modify, and terminate sessions with one or more participants. With security considerations, these operations...
The session initiation protocol (SIP) is considered as the dominant signaling protocol for calls over the Internet. However, how to authenticate each other and agree on a session key has not been efficiently solved. In 2007, Wang and Zhang proposed a key agreement protocol and a new authentication and key agreement mechanism for SIP. In this paper, we prove that Wang and Zhang's key agreement protocol...
This paper proposes a lightweight authentication and hop-by-hop security scheme between the SIP UA and server. Although a number of security schemes for authentication and key exchange in SIP network are proposed, they still suffer from heavy computation overhead on the UApsilas side. The SIP UA in the proposed scheme delegates cryptographically computational operations such as the exponentiation...
The Session Initiation Protocol (SIP) is increasingly used as a signaling protocol for administrating Voice over IP (VoIP) phone calls. SIP can be configured in several ways so that different functional and security requirements are met. Careless configuration of the SIP protocol is known to lead to a large set of attacks. In this paper we show how different configurations of SIP can be specified...
Session initiation protocol (SIP), due to its simple architecture and well-defined content, is currently considered the premier signaling protocol for next generation networks (NGN). However, its simplicity will lead to serious security challenges in terms of privacy and integrity. Security mechanisms recommended by RFC3261 for SIP are either weak information protection methods or demand heavy computing...
VoIP services have become a major competitor to the PSTN networks and will replace them in the near future. Based on this fact the SIP protocol became very popular. But handling tens of thousand of clients, despite the network and application delays is a challenging task. The SIP proxy servers need to be implemented very efficiently to reduce the application delays. This work evaluates and compares...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.