| With the standardization of P2PSIP, authentication of user's identity in the absence of a central authority becomes a main security problem in P2PSIP. Using public key cryptography (PKC) is one known approach to authenticate user in p2p network. However, traditional PKC needs the Public Key Infrastructure (PKI) to provide an assurance to the user about the relationship between a public key and the identity (or authority) of the holder of the corresponding private key, servers in which will be the bottleneck of P2PSIP system.This paper makes a research of security mechanism used in P2P system and the possibility of using Self-Generated-Certificate Public Key Cryptography (SGC-PKC) in P2PSIP, then introduces a partial distributed key management scheme based on SGC-PKC, which has good security and can enhance the reliability and availability of the key management center. Besides, identity authentication and authentication key agreement scheme based on SGC-PKC are designed for P2PSIP. By means of the experimental implementation on PC, it shows that this new mechanism could solve the problems of Authentication and Key-Agreement among users in P2PSIP network effectively and overcome some shortcomings of traditional PKC system. At last, we transplant the implementation to embedded SIP phone, which provides the communication security of using SIP phone in P2P network.This paper is a part of"115"project. |
PDF Full Text Request