earticle

논문검색

Modified Authenticated Key Exchange Protocol for SIP using ECC

원문정보

Hyun Sung Kim, Sung Woon Lee

보안공학연구지원센터(JSE) 보안공학연구논문지 Vol.7 No.4 2010.08 pp.279-286
피인용수 : 0(자료제공 : 네이버학술정보)

초록

영어

The authentication procedure in session initiation protocol (SIP), an IETF standard protocol for initiating an interactive user session, typically uses HTTP digest authentication, which is vulnerable to many known attacks. To cope with the problems, Wu et al. proposed a new authenticated key exchange (NAKE) protocol for SIP based on the Elliptic Curve Cryptosystem. However, this paper shows that the NAKE is insecure against the off-line password guessing attack and proposes a modified authenticated key exchange (MAKE) protocol for SIP. The MAKE fits neatly in the SIP protocols as described in RFC 3261.

목차

Abstract
 1. Introduction
 2. Review of NAKE Protocol
 3. Weakness in NAKE Protocol
 4. Modified Authenticated Key Exchange Protocol
 5. Security Analysis
  5.1 Replay Attack
  5.2 Off-line Password Guessing Attack
  5.3 Server Spoofing
  5.4 Perfect Forward Secrecy
 6. Conclusion
 References

키워드

저자정보

  • Hyun Sung Kim Dept. of Computer Engineering, Kyungil University
  • Sung Woon Lee Dept. of Information Security, Tongmyong University

참고문헌

자료제공 : 네이버학술정보
  • 1E. C. Cha, H. K. Choi and S. J. Cho, "Evaluation of security protocols for the session initiation protocol," Proceeding of ICCCN 2007, pp. 611-616, 2007.
  • 2J. Roseberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Sparks, M. Handley and E. Schooler, SIP : Session initiation protocol, RFC 3261, 2002.
  • 3J. Franks, P. Hallam-Baker, J. Hostertler, S. Lawrence, P. Leach, A. Luotonen and L. Stewart, HTTP authentication : Basic and digest access authentication, RFC 2617, 1999.
  • 4Secure authentication scheme for session initiation protocol네이버 원문 이동
  • 5Design and Implementation of SIP Security네이버 원문 이동
  • 6J. Ring, K. K. R. Choo, E. Foo and M. Rooi, "A new authentication mechanism and key agreement protocol for SIP using identity based cryptography," Proceeding of AusCERT R&D Stream 2006, pp. 61-72, 2006.
  • 7A. Dulanik and I. Sogukpinar, "SIP authentication scheme using ECDH," ENFORMATIKA, Vol. V8, pp. 350-353, 2005.
  • 8A new provably secure authentication and key agreement protocol for SIP using ECC네이버 원문 이동
  • 9Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels네이버 원문 이동
  • 10Cryptanalysis of a password authentication scheme over insecure networks네이버 원문 이동
  • 11A. Niemi, J. Arkko and V. Torvinen, Hypertext Transfer Protocol Digest Authentication using Authentication and Key Agreement, RFC 3310, 2002.

※ 원문제공기관과의 협약기간이 종료되어 열람이 제한될 수 있습니다.

0개의 논문이 장바구니에 담겼습니다.