计算机应用 ›› 2011, Vol. 31 ›› Issue (05): 1305-1307.DOI: 10.3724/SP.J.1087.2011.01305

• 信息安全 • 上一篇    下一篇

基于身份密码的轻量级SIP安全方案

牟明朗1,王伟2   

  1. 1.四川工商职业技术学院 机电系,四川 都江堰 611830
    2.解放军63636部队,兰州 732750
  • 收稿日期:2010-10-25 修回日期:2011-01-03 发布日期:2011-05-01 出版日期:2011-05-01
  • 通讯作者: 王伟
  • 作者简介:牟明朗(1972-),男,四川广元人,讲师,硕士,主要研究方向:自动控制、网络安全;王伟(1981-),女,新疆乌鲁木齐人,工程师,硕士,主要研究方向:网络安全。

Lightweight security scheme of identity-based cryptography for SIP

MOU Ming-lang1, WANG Wei2   

  1. 1. Electromechanical Department, Sichuan Technology and Business College, Dujiangyan Sichuan 611830, China
    2. The No. 63636 Army of PLA, Lanzhou Gansu 732750, China
  • Received:2010-10-25 Revised:2011-01-03 Online:2011-05-01 Published:2011-05-01

摘要: 针对基于会话初始协议(SIP)的IP多媒体子系统(IMS)网络安全机制,分析了SIP协议存在的安全隐患,将身份密钥协商协议IBAKA和头域敏感信息完整性保护等机制有效结合,提出了基于身份密码的轻量级SIP安全方案。分析了该方案的安全性,并从安全性和抗攻击性方面与几种典型方案进行比较。比较结果表明,该方案克服了SIP协议的安全隐患,提高了协议的安全性。

关键词: 基于身份的密码体系, 会话初始协议, 认证, 完整性, 轻量级

Abstract: For Session Initiation Protocol (SIP) based security mechanism of IP Multimedia Subsystem(IMS), the threats and attacks on SIP were analyzed. The Identity-Based Cryptography (IBC) based lightweight security scheme for SIP was proposed, combined with Identity-Based Authenticated Key Agreement (IBAKA) and integrity of critical header fields. The security of the proposed scheme was analyzed, and its security and attack-resistance were compared with other typical schemes. The experimental results indicate that the new protocol improves greatly in security and suffers fewer threats.

Key words: Identity-Based Cryptography (IBC), Session Initiation Protocol (SIP), authentication, integrity, lightweight