International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Alexandre M. Deusajute

Publications

Year
Venue
Title
2008
EPRINT
The SIP security enhanced by using pairing-assisted Massey-Omura signcryption
Alexandre M. Deusajute
Voice over IP (or VoIP) has been adopted progressively not only by a great number of companies but also by an expressive number of people, in Brazil and in other countries. However, this crescent adoption of VoIP in the world brings some concerns such as security risks and threats, mainly on the privacy and integrity of the communication. The risks and threats (which we can emphasize the man-in-the-middle attack, because his high danger degree) already exist in the signalling process to the call establishment. This signalling process is executed by specific types of protocols, like SIP (Session Initiation Protocol). After doing a bibliographical revision of the current SIP security mechanisms and analyzing some proposals to improve these mechanisms, we verified that the SIP vulnerability to the man-in-the-middle was not totally solved. Then we propose a new security mechanism for SIP in this paper, aiming both to be an alternative security mechanism and to solve the vulnerability to the man-in-the-middle attack. In our proposal we use a protocol for secure information exchange -- the Massey-Omura protocol -- which, when combined with Pairing-based Cryptography (PBC), provides a high security level for SIP in all its aspects.
2008
EPRINT
The SIP Security Enhanced by Using Pairing-assisted Massey-Omura Signcryption
Alexandre M. Deusajute Paulo S. L. M. Barreto
Voice over IP (or VoIP) has been adopted progressively not only by a great number of companies but also by an expressive number of people, in Brazil and in other countries. However, this crescent adoption of VoIP in the world brings some concerns such as security risks and threats, mainly on the privacy and integrity of the communication. The risks and threats already exist in the signaling process to the call establishment. This signaling process is performed by specific types of protocols, like the H.323 and SIP (Session Initiation Protocol). Among those risks and threats, we can emphasize the man-in-the-middle attack because of its high danger degree. After doing a bibliographical revision of the current SIP security mechanisms and analyzing some proposals to improve these mechanisms, we verified that the SIP vulnerability to the man-in-the-middle was not totally solved. Then we propose a new security mechanism for SIP in this paper, aiming both to be an alternative security mechanism and a solution for the vulnerability to the man-in-the-middle attack. In our proposal we use a protocol for secure information exchange -- the Massey-Omura protocol -- which, when combined with Pairing-based Cryptography (PBC), provides a better security level for SIP in all its aspects.

Coauthors

Paulo S. L. M. Barreto (1)