1 / 17

Author: Yi-Pin Liao, Shuenn-Shyang Wang

A new secure password authenticated key agreement scheme for SIP using self-certified public keys on elliptic curves. Author: Yi-Pin Liao, Shuenn-Shyang Wang Source: Computer Communications, Vol. 33, 2010, pp. 372-380 Presenter: Tsuei-Hung Sun ( 孫翠鴻 ) Date: 2010/9/1. Outline.

lora
Download Presentation

Author: Yi-Pin Liao, Shuenn-Shyang Wang

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A new secure password authenticated key agreement scheme for SIP usingself-certified public keys on elliptic curves Author:Yi-Pin Liao, Shuenn-Shyang Wang Source: Computer Communications, Vol. 33, 2010, pp. 372-380 Presenter: Tsuei-Hung Sun (孫翠鴻) Date: 2010/9/1

  2. Outline • Introduction • Motivation • Scheme • Security analysis • Performance evaluation • Advantage vs. weakness • Comment

  3. Introduction • Related work • Public Switched Telephone Networks (PSTNs) • Voice over Internet Protocol (VoIP) • Session Initial Protocol (SIP)

  4. Introduction • Network entities in SIP • User agent • Proxy server • Redirect server • Registrar server • Security in SIP • end-to-end: certificates, PKI. • hop-by-hop: IPsec, TLS. IPsec: Internet Protocol Security (IPsec) TLS: Transport Layer Security

  5. Redirect server DNS lookup Ask Bob’s ip INVITE message RING and OK message ACK massage Media Session BYE message INVITE message INVITE message OK message Introduction (user agent client, UAC) (user agent server, UAS)

  6. Introduction • SIP authentication scheme • HTTP Digest authentication protocol • not providing security at an acceptable level. • S/MIME (Secure/Multipurpose Internet Mail Extensions) • user’s certificates • no consolidated authority • SIP over SSL (SIPL) • requires end user’s certificate • increase the workload of SIP proxy servers.

  7. Introduction Fig. HTTP Digest authentication scheme for SIP-based service.

  8. Motivation • HTTP Digest authentication protocolflaw • Lack of mutual authentication between the client and the server. • Previously configure password table, and it cannot apply todifferent network domains. • The header filed of SIP message. • Goal • No need any password table. • Achieves mutual authentication for communication parties with different SIP domains. • Change password quickly and securely.

  9. Server S4. , S1. random select S5. send to TA S2. S6. random select and compute S3.publish S7. send to S8. TA: trust authority G1: An additive cycle group of a prime order q. P: Generator of group G1 : The secure one way hash function , where n is the length of output. :The suitable key derivation functions Scheme - Setup Public TA Securechannel Secure channel

  10. Scheme - Registration Secure channel Secure channel Fig. The registration phase of the user client.

  11. Scheme - Mutual authentication and session key agreement public channel

  12. Scheme - Password change Step 1: Compute Check equal: continue not equal: stop. Step 2: change password, enter new password and compute

  13. Security analysis • Replay attack • Forgery attack • Offline password guessing attack • Man-in-the-middle attack • Insider attack • Signaling attack • Session key security • Known-key security • Perfect forward secrecy

  14. Performance evaluation Table. The performance evolution of our scheme. Th: the time spent in simple hashing operation; Taec: the time spent in point addition of elliptic curve; Tmec: the time spent in scalar multiplication of elliptic curve.

  15. Performance evaluation [3] J. Franks et al., HTTP Authentication: Basic and Digest Access Authentication. [9] C.C. Yang et al., Secure authentication scheme for session initiation protocol. [10] Jared Ring, Kim-Kwang Raymond Choo, Ernest Foo, Mark Looi, A new authentication mechanism and key agreement protocol for SIP using identity-based cryptography. [11] F. Wang, Y. Zhang, A new provably secure authentication and key agreement mechanism for SIP using certificateless public-key cryptography. [12] D. Geneiatakis, C. Lambrinoudakis, A lightweight protection mechanism against signaling attacks in a SIP-Based VoIP environment. [13] L. Wu et al., A new provably secure authentication and key agreement protocol for SIP using ECC.

  16. Advantage vs. weakness • Advantage • Achieves mutual authentication and session key agreement. • Does not need to maintain any password or verification table in the server. • Prevents various possible attacks induced by open networks and the standard of SIP message. • Can be applied to authenticate the users with different SIP domains. • Provides users to update password quickly and securely. • Avoid key escrow problem. • Weakness • If user’s password is leaked and smart card loss, all stored in the smart card secret parameters are exposed.

  17. Comment • This paper let SIP message achieve mutual authentication, but it is run between server and user, not end-to-end. • The header filed of SIP message contain some content of individuals or other confidential information. This paper dose not protect them, but [12] proposed the Integrity-Auth header to solve.

More Related