Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 A new secure password authenticated key agreement scheme for SIP using self-certified public keys on elliptic curves Author: Yi-Pin Liao, Shuenn-Shyang.

Published byMeredith Evans Modified over 8 years ago

Similar presentations

Presentation on theme: "1 A new secure password authenticated key agreement scheme for SIP using self-certified public keys on elliptic curves Author: Yi-Pin Liao, Shuenn-Shyang."— Presentation transcript:

1 1 A new secure password authenticated key agreement scheme for SIP using self-certified public keys on elliptic curves Author: Yi-Pin Liao, Shuenn-Shyang Wang Source: Computer Communications, Vol. 33, 2010, pp. 372-380 Presenter: Tsuei-Hung Sun ( 孫翠鴻 ) Date: 2010/9/1

2 2 Outline Introduction Motivation Scheme Security analysis Performance evaluation Advantage vs. weakness Comment

3 3 Introduction Related work –Public Switched Telephone Networks (PSTNs) –Voice over Internet Protocol (VoIP) –Session Initial Protocol (SIP)

4 4 Introduction Network entities in SIP –User agent –Proxy server –Redirect server –Registrar server Security in SIP –end-to-end: certificates, PKI. –hop-by-hop: IPsec, TLS. IPsec: Internet Protocol Security (IPsec) TLS: Transport Layer Security

5 5 Introduction (user agent client, UAC) (user agent server, UAS) INVITE message INVITE message Redirect server DNS lookup INVITE message Ask Bob’s ip RING and OK message ACK massage BYE message OK message Media Session

6 6 Introduction SIP authentication scheme –HTTP Digest authentication protocol not providing security at an acceptable level. –S/MIME (Secure/Multipurpose Internet Mail Extensions) user’s certificates no consolidated authority –SIP over SSL (SIPL) requires end user’s certificate increase the workload of SIP proxy servers.

7 7 Introduction Fig. HTTP Digest authentication scheme for SIP-based service.

8 8 Motivation HTTP Digest authentication protocol flaw –Lack of mutual authentication between the client and the server. –Previously configure password table, and it cannot apply to different network domains. –The header filed of SIP message. Goal –No need any password table. –Achieves mutual authentication for communication parties with different SIP domains. –Change password quickly and securely.

9 9 Scheme - Setup TA S1. random select S2. Public S3.publish Server S4., S5. send to TA Secure channel S6. random select and compute Secure channel S7. send to S8. TA: trust authority G 1 : An additive cycle group of a prime order q. P: Generator of group G 1 : The secure one way hash function, where n is the length of output. : The suitable key derivation functions

10 10 Scheme - Registration Fig. The registration phase of the user client. Secure channel

11 11 Scheme - Mutual authentication and session key agreement public channel

12 12 Scheme - Password change Step 1: Compute Check equal: continue not equal: stop. Step 2: change password, enter new password and compute

13 13 Security analysis Replay attack Forgery attack Offline password guessing attack Man-in-the-middle attack Insider attack Signaling attack Session key security –Known-key security –Perfect forward secrecy

14 14 Performance evaluation T h : the time spent in simple hashing operation; T aec : the time spent in point addition of elliptic curve; T mec : the time spent in scalar multiplication of elliptic curve. Table. The performance evolution of our scheme.

15 15 Performance evaluation [3] J. Franks et al., HTTP Authentication: Basic and Digest Access Authentication. [9] C.C. Yang et al., Secure authentication scheme for session initiation protocol. [10] Jared Ring, Kim-Kwang Raymond Choo, Ernest Foo, Mark Looi, A new authentication mechanism and key agreement protocol for SIP using identity-based cryptography. [11] F. Wang, Y. Zhang, A new provably secure authentication and key agreement mechanism for SIP using certificateless public-key cryptography. [12] D. Geneiatakis, C. Lambrinoudakis, A lightweight protection mechanism against signaling attacks in a SIP-Based VoIP environment. [13] L. Wu et al., A new provably secure authentication and key agreement protocol for SIP using ECC.

16 16 Advantage vs. weakness Advantage –Achieves mutual authentication and session key agreement. –Does not need to maintain any password or verification table in the server. –Prevents various possible attacks induced by open networks and the standard of SIP message. –Can be applied to authenticate the users with different SIP domains. –Provides users to update password quickly and securely. –Avoid key escrow problem. Weakness –If user’s password is leaked and smart card loss, all stored in the smart card secret parameters are exposed.

17 17 Comment This paper let SIP message achieve mutual authentication, but it is run between server and user, not end-to-end. The header filed of SIP message contain some content of individuals or other confidential information. This paper dose not protect them, but [12] proposed the Integrity-Auth header to solve.

18 18 References Public switched telephone network http://en.wikipedia.org/wiki/Public_switched_telephone_network (2010/8/26) http://en.wikipedia.org/wiki/Public_switched_telephone_network PSTN 網路 vs. IP 網路 http://www.digitimes.com.tw/tw/dt/n/shwnws.asp?CnlID=10&id=0000129655_JPR7T4 8I4Q3GM76G785NU (2010/8/26) http://www.digitimes.com.tw/tw/dt/n/shwnws.asp?CnlID=10&id=0000129655_JPR7T4 8I4Q3GM76G785NU S/MIME http://en.wikipedia.org/wiki/S/MIME (2010/8/26) http://en.wikipedia.org/wiki/S/MIME J. Rosenberg et al., SIP: Session Initial Protocol, IETF RFC 3261, June 2002.

19 19 Appendix PSTN: the network of the world's public circuit-switched telephone networks. It is a worldwide net of telephone lines which allows any telephone in the world to communicate with any other.circuit-switchedtelephone networkstelephone lines PSTN 網路 vs. IP 網路 : IP 協議的獨特之處在於:主機在傳輸數據之前,無須預先建 立好一條特定的「通路」。 S/MIME (Secure/Multipurpose Internet Mail Extensions): a standard for public key encryption and signing of MIME data. Elliptic Curve Cryptography http://blog.yalin.tw/2007/01/elliptic-curve- cryptography.html (2010/8/29) http://blog.yalin.tw/2007/01/elliptic-curve- cryptography.html

20 20 Appendix VoIP 想要取代 PSTN 必須先達到跟 PSTN 差不多水準的 QoS 與 network security. VoIP 在 QoS 上面臨最主要的問題就是 IP network layer, 這個安全問題牽扯 到 control architecture 跟它的 signal protocol. 最常用來處理 VoIP sessions 的 protocol 是 Session Initial Protocol (SIP).

21 21 Motivation SIP message flaw –text-based representation –Header reveal communication patterns and content of individuals or other confidential information. – message body contain user information

22 22 CallerCalled Call (in 64 kbit/s channel, Digital Signal 0 (DS0) )kbit/s

Download ppt "1 A new secure password authenticated key agreement scheme for SIP using self-certified public keys on elliptic curves Author: Yi-Pin Liao, Shuenn-Shyang."

Similar presentations

Presence, Security and Privacy. www.dynamicsoft.com VON 3.20. 01 The Current Environment Many Faces of Security Authentication Verify someone is who they.

Presence, Security and Privacy. VON The Current Environment Many Faces of Security Authentication Verify someone is who they.
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Cryptanalysis of a Communication-Efficient Three-Party Password Authenticated Key Exchange Protocol Source: Information Sciences in review Presenter: Tsuei-Hung.

Cryptanalysis of a Communication-Efficient Three-Party Password Authenticated Key Exchange Protocol Source: Information Sciences in review Presenter: Tsuei-Hung.
多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.

多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
1 Kommunikatsiooniteenuste arendus IRT0080 Loeng 5 Avo Ots telekommunikatsiooni õppetool, TTÜ raadio- ja sidetehnika inst.

1 Kommunikatsiooniteenuste arendus IRT0080 Loeng 5 Avo Ots telekommunikatsiooni õppetool, TTÜ raadio- ja sidetehnika inst.
1 Secure Credit Card Transactions on an Untrusted Channel Source: Information Sciences in review Presenter: Tsuei-Hung Sun ( 孫翠鴻 ) Date: 2010/9/24.

1 Secure Credit Card Transactions on an Untrusted Channel Source: Information Sciences in review Presenter: Tsuei-Hung Sun ( 孫翠鴻 ) Date: 2010/9/24.
多媒體網路安全實驗室 Improved Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Date : 2012.10.24 Reporter : Hong Ji Wei Authors.

多媒體網路安全實驗室 Improved Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Date : Reporter : Hong Ji Wei Authors.
1 The Critical Role of Sip&H.323 Internetworking in Next- Generation Telephony Dr. Samir Chatterjee Associate Professor School of Information Science 909-607-4651;

1 The Critical Role of Sip&H.323 Internetworking in Next- Generation Telephony Dr. Samir Chatterjee Associate Professor School of Information Science ;
SIP Security Issues: The SIP Authentication Procedure and its Processing Load Stefano Salsano, DIE — Universit à di Roma “ Tor Vergata ” Luca Veltri, and.

SIP Security Issues: The SIP Authentication Procedure and its Processing Load Stefano Salsano, DIE — Universit à di Roma “ Tor Vergata ” Luca Veltri, and.
1 ITEC 809 Securing SIP in VoIP Domain Iyad Alsmairat 41546342 Supervisor: Dr. Rajan Shankaran.

1 ITEC 809 Securing SIP in VoIP Domain Iyad Alsmairat Supervisor: Dr. Rajan Shankaran.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
Session Initiation Protocol (SIP) By: Zhixin Chen.

Session Initiation Protocol (SIP) By: Zhixin Chen.
A Server-aided Signature Scheme Based on Secret Sharing for Mobile Commerce Source: Journal of Computers, Vol.19, No.1, April 2008 Author: Chin-Ling Chen,

A Server-aided Signature Scheme Based on Secret Sharing for Mobile Commerce Source: Journal of Computers, Vol.19, No.1, April 2008 Author: Chin-Ling Chen,
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
SIP Security Matt Hsu.

SIP Security Matt Hsu.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

Similar presentations

Ads by Google