Research Of Communication Security Mechanism Based On SIP

Session Initiation Protocol is currently receiving much attention and seems to be the most promising candidate as signaling protocol for the current and future application services. It has been becoming more mature in the market, especially in multimedia conferencing and IP telephony applications. Moreover, it will be distributed in the area of 3G, network control, portable cable and Multimedia applications. SIP will enter people's lives in the near future. As one of the core agreement of the Next Generation Internet, SIP application will be constantly expanding with the development of NGN.However, SIP security is a crucial issue. The problem of security is strictly related to the signaling mechanisms and the service provisioning model, including registration hijacking, impersonating a server, tampering with message bodies, tearing down sessions and denial of service. It is obviously to provide a certain level of security, comparable to that provided by the traditional telephone systems, such as ensuring the privacy and integrity of information, preventing replay attacks and deceptive information, authentication and authorization, preventing DoS attacks, and so on. Like many other TCP/IP protocol, the initial SIP designers did not consider the security issues. SIP security has become one of the main issues in its application, and it has been no satisfactory results. For this reason, at present, a very hot topic in the SIP standardization track is security support.In this work, the main objective is to study the security of SIP communication mechanisms, in order to providing authentication, confidentiality and availability to SIP communications. We focus, in particular, on the problem of authtication. Firstly, we analyzed the existing SIP security mechanisms. Then, we present a more comprehensive and detailed SIP security communication mechanism, which is based on improved SAKA algorithm. The security mechanism is combined with a complete SIP communication; it is mainly divided into two parts: authenticated key agreement and security SIP call. In this paper, each part of the security mechanism will be with the specific SIP message, and a detailed design of SIP security communication process will be given. Finally, we theoretically analyze its security. By means of a real testbed implementation, we provide an experimental functionality analysis of the SIP security mechanisms (authenticated key agreement), based on Osip2/eXosip implementation of a SIP phone.