### The SIP Security Enhanced by Using Pairing-assisted Massey-Omura Signcryption

Alexandre M. Deusajute and Paulo S. L. M. Barreto

##### Abstract

Voice over IP (or VoIP) has been adopted progressively not only by a great number of companies but also by an expressive number of people, in Brazil and in other countries. However, this crescent adoption of VoIP in the world brings some concerns such as security risks and threats, mainly on the privacy and integrity of the communication. The risks and threats already exist in the signaling process to the call establishment. This signaling process is performed by specific types of protocols, like the H.323 and SIP (Session Initiation Protocol). Among those risks and threats, we can emphasize the man-in-the-middle attack because of its high danger degree. After doing a bibliographical revision of the current SIP security mechanisms and analyzing some proposals to improve these mechanisms, we verified that the SIP vulnerability to the man-in-the-middle was not totally solved. Then we propose a new security mechanism for SIP in this paper, aiming both to be an alternative security mechanism and a solution for the vulnerability to the man-in-the-middle attack. In our proposal we use a protocol for secure information exchange -- the Massey-Omura protocol -- which, when combined with Pairing-based Cryptography (PBC), provides a better security level for SIP in all its aspects.

Note: Due to the acceptance and presentation of the paper in the X RECSI/Spain, the paper had to be reviewed.

Available format(s)
Publication info
Published elsewhere. Actas de la X Reunión Española sobre Criptología y Seguridad de la Información
Keywords
man-in-the-middleMassey-OmurapairingSIPVoIP
Contact author(s)
History
2008-09-14: revised
See all versions
Short URL
https://ia.cr/2008/072

CC BY

BibTeX

@misc{cryptoeprint:2008/072,
author = {Alexandre M.  Deusajute and Paulo S.  L.  M.  Barreto},
title = {The SIP Security Enhanced by Using Pairing-assisted Massey-Omura Signcryption},
howpublished = {Cryptology ePrint Archive, Paper 2008/072},
year = {2008},
note = {\url{https://eprint.iacr.org/2008/072}},
url = {https://eprint.iacr.org/2008/072}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.