Dynamic Group Authenticated Key Agreement Schemes for Session Initiation Protocol (SIP)

• Main Authors: Yen-Ching Lin, 林燕卿
• Other Authors: Tzong-Chen Wu
• Format: Others
• Language: zh-TW
• Published: 2011
• Online Access: http://ndltd.ncl.edu.tw/handle/znav4n

博士 === 國立臺灣科技大學 === 資訊管理系 === 99 === Session Initiation Protocol (or SIP for short) is an application-layer signaling for creating, modifying, and terminating multimedia sessions with one or more participants. SIP is rapidly becoming the dominant signaling protocol for calls over the Internet due to its simplicity, good efficiency. However, there are some problems in centralized client-server SIP structure, such as, poor scalability, disaster recovery capacity. Using peer-to-peer (or P2P for short) network in SIP instead of SIP server is expected to be a perfect method to solve the bottleneck in client-server pattern. Considering good robust and high expansibility, the P2PSIP system has been popular because of distributed operations and low deployment costs. In order to achieve confidentiality, authenticity, and availability for SIP and P2PSIP communication, this dissertation proposes one efficient authentication scheme and four authenticated key agreement (or AKA for short) schemes for entity-to-entity authentication in different SIP communication model. First, this dissertation proposes a password-based authentication scheme (SIP-2-PA) using the one-way hash function and XOR lightweight operations. The proposed SIP-2-PA scheme can be against server spoofing attacks, off-line password guessing attacks, and replay attacks. Considering the entity-to-entity authentication in client-server SIP communication, this dissertation proposes two password-based authenticated key agreement schemes (or PAKA for short) based on the self-certified approach: SIP-3-PAKA and SIP-4-PAKA. SIP-3-PAKA scheme allows two communication parties in the intra-domain to authenticate each other and establish a shared session key. Extending SIP-3-PAKA scheme, SIP-4-PAKA scheme is used in the inter-domain SIP communication. In the proposed SIP-3-PAKA scheme and SIP-4-PAKA scheme, no public key certificates are required during the key agreement phase. It is difficult to authenticate with each other communication party in the P2PSIP communication without trusted server. This dissertation first present an identity-based 2-party AKA scheme for P2PSIP (or P2PSIP-ID-2AKA for short) by only using the identitiy of communication party to achieve user authentication and key agreement. The proposed P2PSIP-ID-2AKA is easily generalized to group AKA (or P2PSIP-ID-GAKA for short) that allows n communication parties to authenticate with the others and share a secret key. The proposed P2PSIP-ID-GAKA scheme with 3-round and only requires constant point multiplication operations on elliptic curve, regardless of the number of participant parties. Besides, the proposed P2PSIP-ID-GAKA scheme enables addition and exclusion of communication parties as well as refreshing of the shared keys. Under the elliptic curve discrete logarithm problem and the hash Diffie-Hellman assumption, this dissertation shows that all the proposed SIP-3-PAKA, SIP-4-PAKA, P2PSIP-ID-2AKA, and P2PSIP-ID-GAKA schemes achieve mutual implicit key authentication, explicit key authentication, known key secrecy, perfect forward secrecy, and key control secrecy, and is secure against key compromise impersonation attacks and unknown key shared attacks.