Cryptology ePrint Archive: Report 2007/220

A New Provably Secure Authentication and Key Agreement Mechanism for SIP Using Certificateless Public-key Cryptography

Fengjiao WANG and Yuqing ZHANG

Abstract: The session initiation protocol (SIP) is considered as the dominant signaling protocol for calls over the internet. However, SIP authentication typically uses HTTP digest authentication, which is vulnerable to many forms of known attacks. This paper proposes a new secure authentication and key agreement mechanism based on certificateless public-key cryptography, named as SAKA, between two previously unknown parties, which provides stronger security assurances for SIP authentication and media stream, and is provably secure in the CK security model. Due to using certificateless public key cryptography, SAKA effectively avoids the requirement of a large Public Key Infrastructure and conquers the key escrow problem in previous schemes.

Category / Keywords: cryptographic protocols / SIP, certificateless public-key cryptography, authentication, key agreement

Publication Info: This paper has been submitted to Computer Communications.

Date: received 7 Jun 2007

Contact author: Wangfj at nipc org cn

Available format(s): PDF | BibTeX Citation

Version: 20070608:203632 (All versions of this report)

Short URL: ia.cr/2007/220

Discussion forum: Show discussion | Start new discussion