Session Initiation Protocol (SIP) 496530018 王承宇 498410098 張永霖.

Slides:

Advertisements

Similar presentations

Fall IM 2000 Introduction to SIP Jonathan Rosenberg Chief Scientist.

Advertisements

Advanced Flooding Attack on a SIP Server Xianglin Deng, Canterbury University Malcolm Shore, Canterbury University & Telecom NZ.

CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.

Authentication Applications Kerberos And X.509. Kerberos Motivation –Secure against eavesdropping –Reliable – distributed architecture –Transparent –

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

SIP Authentication using EC- SRP5 Protocol draft-liu-sipcore-ecc-srp5-00.txt Authors: Fuwen Liu, Minpeng Qi and Min Zuo.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,

1 Distributed Computer Security: Authentication and Key Distribution Vijay Jain CSc 8320, Spring 2007.

1 The Critical Role of Sip&H.323 Internetworking in Next- Generation Telephony Dr. Samir Chatterjee Associate Professor School of Information Science ;

SIP Security Issues: The SIP Authentication Procedure and its Processing Load Stefano Salsano, DIE — Universit à di Roma “ Tor Vergata ” Luca Veltri, and.

SIP Chapter 5. SIP History 1980s – first packet multimedia experiments 1992 – first IETF audio-cast 1996 – first SIP related IETF drafts Session Invitation.

What is EAP EAP stands for Extensible Authentication Protocol. Offers a basic framework for authentication. Many different authentication protocols can.

Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.

1 ITEC 809 Securing SIP in VoIP Domain Iyad Alsmairat Supervisor: Dr. Rajan Shankaran.

A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中日期 :

CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.

SIP Security Matt Hsu.

A password authentication scheme with secure password updating SEC 期末報告學號：姓名：翁玉芬.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

12/05/2000CS590F, Purdue University1 Sip Implementation Protocol Presented By: Sanjay Agrawal Sambhrama Mundkur.

SIP vs H323 Over Wireless networks Presented by Srikar Reddy Yeruva Instructor Chin Chin Chang.

CMSC 414 Computer and Network Security Lecture 18 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 23 Jonathan Katz.

A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications.

CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.

Academic Advisor: Dr. Yuval Elovici Professional Advisor: Yuri Granovsky Team: Yuri Manusov Yevgeny Fishman Boris Umansky.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

SIP Greg Nelson Duc Pham. SIP Introduction Application-layer (signaling) control protocol for initiating a session among users Application-layer (signaling)

Secure Remote Access to an Internal Web Server Christian Gilmore, David Kormann, and Aviel D. Rubin ATT Labs - Research “The security policy usually amounts.

SSH Secure Login Connections over the Internet

Wireless and Security CSCI 5857: Encoding and Encryption.

 Introduction  VoIP  P2P Systems  Skype  SIP  Skype - SIP Similarities and Differences  Conclusion.

1 Anonymous Roaming Authentication Protocol with ID-based Signatures Lih-Chyau Wuu Chi-Hsiang Hung Department of Electronic Engineering National Yunlin.

Prepared by They Yu Shu Lee Ern Yu.  Motivation  Previous Work  Remaining Issues  Improvement.

1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.

1 A new secure password authenticated key agreement scheme for SIP using self-certified public keys on elliptic curves Author: Yi-Pin Liao, Shuenn-Shyang.

H.323 An International Telecommunications Union (ITU) standard. Architecture consisting of several protocols oG.711: Encoding and decoding of speech (other.

Chapter 21 Distributed System Security Copyright © 2008.

Presented By Team Netgeeks SIP Session Initiation Protocol.

Application Services COM211 Communications and Networks CDA College Theodoros Christophides

Module 8: Designing Security for Authentication. Overview Creating a Security Plan for Authentication Creating a Design for Security of Authentication.

Security in Skype Prepared by Prithula Dhungel. Security in Skype2 The Skype Service P2P based VoIP software Founded by the founders of Kazaa Can be downloaded.

Enhanced secure anonymous authentication scheme for roaming service in global mobility networks Hyeran Mun, Kyusuk Han, Yan Sun Lee, Chan Yeob Yeun, Hyo.

Authentication of Signaling in VoIP Applications Authors: Srinivasan et al. (MIT Campus of Anna University, India) Source: IJNS review paper Reporter:

Omar A. Abouabdalla Network Research Group (USM) SIP – Functionality and Structure of the Protocol SIP – Functionality and Structure of the Protocol By.

CS 4244: Internet Programming Security 1.0. Introduction Client identification and cookies Basic Authentication Digest Authentication Secure HTTP.

Voice over IP B 林與絜.

Cryptographic Hash Functions and Protocol Analysis

Department of Computer Engineering, Kyungpook National University Author : Eun-Jun Yoon, Wan-Soo Lee, Kee-Young Yoo Speaker : Wan-Soo Lee

Sumanth Nag Popuri.  Why do we need SIP ?  The protocol  Instant Messaging using SIP  Internet Telephony with SIP  Additional applications  Future.

SPEAKER: HONG-JI WEI DATE: Secure Anonymous Authentication Scheme with Roaming for Mobile Networks.

National Institute of Science & Technology WIRELESS LAN SECURITY Swagat Sourav [1] Wireless LAN Security Presented By SWAGAT SOURAV Roll # EE

User authentication schemes with pseudonymity for ubiquitous sensor network in NGN Authors: Binod Vaidya, Joel J. Rodrigues and Jong Hyuk Park Source:

Robust and Efficient Password- Authenticated Key Agreement Using Smart Cards Authors: Wen-Shenq Juang, Sian-Teng Chen and Horng-Twu Liaw Src: IEEE Transaction.

多媒體網路安全實驗室 Anonymous Authentication Systems Based on Private Information Retrieval Date： Reporter: Chien-Wen Huang 出處: Networked Digital Technologies,

SPEAKER: HONG-JI WEI DATE: Efficient and Secure Anonymous Authentication Scheme with Roaming Used in Mobile Networks.

Dos and Don’ts of Client Authentication on the Web Kevin Fu, Emil Sit, Kendra Smith, Nick Feamster Presented: Jesus F. Morales.

1 Internet Telephony: Architecture and Protocols an IETF Perspective Authors:Henning Schulzrinne, Jonathan Rosenberg. Presenter: Sambhrama Mundkur.

Analysis of SIP security Ashwini Sanap ( ) Deepti Agashe ( )

1 Example security systems n Kerberos n Secure shell.

SIP Authentication using EC- SRP5 Protocol Fuwen Liu, Minpeng Qi, Min Zuo, 1.

網路環境中通訊安全技術之研究 Secure Communication Schemes in Network Environments

Simple Mail Transfer Protocol

Authors：Debiao He, Sherali Zeadally, Neeraj Kumar and Wei Wu

Date:2011/09/28 報告人：向峻霈出處: Ren-Chiun Wang Wen-Shenq Juang

Presentation transcript:

Session Initiation Protocol (SIP) 王承宇張永霖

Session Initiation Protocol (SIP) The Session Initiation Protocol (SIP) is a text-based signaling protocol, widely used for controlling multimedia communication sessions such as voice and video calls over Internet Protocol networks such as Hyper Text Transport Protocol (HTTP) and Simple Mail Transport Protocol (SMTP). Session Initiation Protocol(SIP) (HTTP)Hyper Text Transport Protocol (SMTP)Simple Mail Transport Protocol

The original SIP authentication scheme based on HTTP digest authentication is vulnerable to some attack: Off-line password guessing attacks Server spoofing attacks Denning-Sacco attacks Stolen-verifier attacks Then, a new SIP authentication scheme was proposed in a converged VoIP network based on ECC in order to overcome those security problems.

SIP architecture SIP is a call setup signaling protocol for IP-based telephony services. The SIP architecture is mainly composed of a user agent client, proxy server, redirect server, register server, and location server. The function of each component is described as follows. Proxy server Redirect server Register server Location serve

SIP authentication procedure SIP authentication security is based on the challenge– response mechanism. Before the authentication procedure starts, the client pre-shares a password with the server. The pre-shared password is used to verify the identity of the client or the server. The protocol proceeds as follows.

SIP authentication procedure(cont) (1) Client ? Server: REQUEST The client sends a REQUEST to the server. (2) Server ? Client: CHALLENGE (nonce, realm) The server generates a CHALLENGE that includes a nonce and the client’s realm. It is noted that the realm is used to prompt the username and password. Then the server sends a CHALLENGE back. (3) Client ? Server: RESPONSE (nonce, realm, username,response) The client computes a response = F(nonce, realm, username, response). Note that FðÞ is a one-way hash function and is used to generate a digest authentication message. Then the client sends the RESPONSE to the server. (4) According to the username, the server extracts the client’s password. Then the server verifies whether or not the nonce is correct. If it is correct, the server computes h(nonce, realm, username, response) and uses it to make a comparison with the response. If they match, the server authenticates the identity of the client.

Security analysis With the above definitions, the following theorems are used to analyze the security properties in the proposed SIP uthentication scheme. Replay attacks Password guessing attacks Man-in-the-middle attacks Modification attacks Denning-Sacco attacks Stolen-Verifier attacks Mutual authentication Known-key security Session key security Perfect forward secrecy

Conclusions In order to resolve those security problems, a new secure and efficient SIP authentication scheme for converged VoIP networks based on elliptic curve cryptosystem (ECC) has been proposed. It has been demonstrated that the proposed SIP authentication scheme resists against those at tacks through exploiting the key block size, speed, and security jointly.