DOI QR코드

DOI QR Code

Expanding the User Authentication Scheme in SIP

SIP에서의 강화된 사용자 인증 방식

  • 고윤미 (단국대학교 전자계산학과 컴퓨터과학) ;
  • 권경희 (단국대학교 전자계산학과 컴퓨터과학)
  • Received : 2011.08.16
  • Accepted : 2011.12.01
  • Published : 2011.12.28

Abstract

Due to vulnerable authentication scheme of SIP, intruders can easily impersonate legitimate user. HTTP Digest authentication scheme or private key issued by trust third parties has been used to prevent impersonation attack. However, these methods have suffered security vulnerability or service delay due to computation overhead. In this paper, we propose new authentication method to generate automatically one-time password using the pre-shared password and time information of messages exchanged between SIP UA(User Agent) and SIP Registrar. This method protects against impersonation attack without significant modification of exiting SIP authentication procedure to build securer SIP environment.

Keywords

SIP;Impersonation Attack;One-time Password

Acknowledgement

Supported by : 단국대학교

References

  1. Keromytis and D. Angelos, "A Comprehensive Survey of Voice over IP Security Research," Communication Surveys & Tutorials, IEEE, Issue:99, pp,1-24, 2011(4).
  2. A. D. Keromytis, "Voice over IP: Risk, Threats and Vulnerabilities," in Proc. Cyber Infrastructure Protection (CIP) Conference, 2009(6).
  3. A. D. Keromytis, "A Look at VoIP vulnerabilities," USENIX ; login: Magazine Vol.35, pp.41-50, 2010(2).
  4. A. D. keromytis," Voice over IP Security: Research and Practice," IEEE Security Privacy Mag, Vol.8, pp.76-78, 2010(3)(4).
  5. J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Sparks, M. handley, and E. Schooler, "SIP: Session Initiation Protocol," RFC 3261, 2002(6).
  6. 권경희, 김진희, 고윤미 "셀룰러 망에서 SIP 재전송 간격조절에 의한 성능 개선과 이를 이용한 홈네트워크 구현", 한국콘텐츠학회논문지, 제8권, 제2호, 2008(2). https://doi.org/10.5392/JKCA.2008.8.2.067
  7. 최재덕, 정수환 "효율적이고 안전한 SIP 사용자 인증 및 키 교환", 한국정보보호학회논문지, 제 19권, 제3호, 2009(6).
  8. C. Yang, R. Wang, and W. Liu, "Secure authentication scheme for session initiation protocol," Computers & Security, Vol.24, No.5, pp.381-386, 2005(8). https://doi.org/10.1016/j.cose.2004.10.007
  9. 윤하나, 이형우 "SIP 공격대응을 위한 보안성이 강화된 Stateful SIP 프로토콜", 한국콘텐츠학회 논문지, 제10권, 제1호, 2010(1). https://doi.org/10.5392/JKCA.2010.10.1.046
  10. J. Y. Migeon, "The MIT Kerberos Administrator's How-to Guide," Kerberos consortium, 2008.
  11. C. Neuman, J. Kohl, and T. Ts'o, "The Kerberos Network Authentication Service(V5)," Internet draft(work in progress), draft-ietf-catkerberos- revisions-06.txt, 2000.
  12. J. Ring, K. Choo, E. Foo, and M. Looi, "A new authentication mechanism and key agreement protocol for SIP using Identity-based cryptography," Proceeding of AusCERT Asia pacific Information Technology Security Conference, pp.57-72, 2006(5).
  13. F. Wang and Y. Zhang, "A net probably secure authentication and key agreement mechanism for SIP using certificateless public-key cryptography," Computer Communications, Vol.31, No.10, pp.2142-2149, 2008(6). https://doi.org/10.1016/j.comcom.2008.01.054