Cryptology ePrint Archive: Report 2008/072
The SIP Security Enhanced by Using Pairing-assisted Massey-Omura Signcryption
Alexandre M. Deusajute and Paulo S. L. M. Barreto
Abstract: Voice over IP (or VoIP) has been adopted progressively not only by a great number of companies but also by an expressive number of people, in Brazil and in other countries. However, this crescent adoption of VoIP in the world brings some concerns such as security risks and threats, mainly on the privacy and integrity of the communication. The risks and threats already exist in the signaling process to the call establishment. This signaling process is performed by specific types of protocols, like the H.323 and SIP (Session Initiation Protocol). Among those risks and threats, we can emphasize the man-in-the-middle attack because of its high danger degree. After doing a bibliographical revision of the current SIP security mechanisms and analyzing some proposals to improve these mechanisms, we verified that the SIP vulnerability to the man-in-the-middle was not totally solved. Then we propose a new security mechanism for SIP in this paper, aiming both to be an alternative security mechanism and a solution for the vulnerability to the man-in-the-middle attack. In our proposal we use a protocol for secure information exchange -- the Massey-Omura protocol -- which, when combined with Pairing-based Cryptography (PBC), provides a better security level for SIP in all its aspects.
Category / Keywords: man-in-the-middle, Massey-Omura, pairing, SIP, VoIP
Publication Info: Actas de la X Reunión Española sobre Criptología y Seguridad de la Información
Date: received 17 Feb 2008, last revised 13 Sep 2008
Contact author: adeusajute at larc usp br
Available formats: PDF | BibTeX Citation
Note: Due to the acceptance and presentation of the paper in the X RECSI/Spain, the paper had to be reviewed.
Version: 20080914:024539 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]