Provably secure certificateless anonymous authentication protocol for P2P-SIP based on IPv6

doi:10.7523/j.issn.2095-6134.2013.04.017

Abstract

Abstract:

Following the developmental trend of the next-generation-network protocols, we analyze the characteristics of the P2P-SIP network which combines the SIP protocol and P2P networks. Considering its strengths and weaknesses, we design a certificateless anonymous protocol based on elliptic curve algorithms for P2P-SIP, which can be applied in IPv6 network. We prove the proposed protocol under the CK security model and do security analysis on the protocol. The security analysis demonstrates that the proposed protocol has the following security attributes: mutual authentication, excellent forward secrecy, anonymity, known key security, and key compromise impersonation. The proposed protocol can also effectively resist the known-key attack, Man-in-the-middle attack, SYBIL attack, and some other attacks. We compare our protocol with previous protocols and show that our protocol has more security attributes and more effective than the previous protocols.

Key words: P2P-SIP, certificateless, elliptic curve cryptography, IPv6, anonymous

CLC Number:

TP393

ZHANG Ge-Fei, ZHANG Yu-Qing. Provably secure certificateless anonymous authentication protocol for P2P-SIP based on IPv6[J]. , 2013, 30(4): 547-554.

References

[1] Deering S, Hiden R. RFC2460. Internet protocol: version 6(IPv6) specification[S]. Internet Engineering Task Force, 1998.

[2] Rosenberg J, Schulzrinne H, Camarillo G, et al. RFC3261. SIP: session initiation protocol[S]. Internet Engineering Task Force, 2002.

[3] Chaum D. Untraceable electronic mail, return addresses, and digital pseudonyms[J]. Communications of the ACM, 1981, 24(2): 84-90.

[4] Moeller U, Cottrell L, Palfrader P, et al. Mixmaster protocol version 2[S]. Tech rep Network Working Group, Internet-Draft, 2004.

[5] Danezis G, Dingledine R, Mathewson N. Mixminion: design of a type III anonymous remailer protocol[C]//Proc of IEEE Symposium on Security and Privacy. Berkeley, USA, 2003: 2-15.

[6] Reed M, Syverson P, Goldschlag D. Anonymous connections and onion routing[J]. IEEE Journal on Selected Areas in Communications, 1998, 16(4) 482-494.

[7] Mislove A, Oberoi G, Post A, et al. Ap3: cooperative, decentralized anonymous communication[C]//Proc of 11th ACM SIGOPS European workshop. Leuven, Belgium, 2004.

[8] Nambiar A, Wright M. Salsa: a structured approach to large-scale anonymity[C]//Proc of 13th ACM Conference on Computer and Communications Security. Alexandria, USA, 2006: 17-26.

[9] Freedman M J, Morris R, Tarzan. A peer-to-peer anonymizing network layer[C]//Proc of the 9th ACM Conference on Computer and Communications Security. Washington DC, USA, 2002: 193-206.

[10] Rennhard M, Plattner B. Introducing morphmix: peer-to-peer based anonymous internet usage with collusion detection[C]//Proc of Workshop on Privacy in the Electronic Society. Washington DC, USA, 2002: 91-102.

[11] 吴建平,任罡,李星. 构建基于真实IPv6 源地址验证体系结构的下一代互联网[J]. 中国科学 E辑: 信息科学, 2008, 38(10): 1583-1593.

[12] Wu J, Bi J, Li X, et al. RFC5210. A source address validation architecture(SAVA) testbed and deployment experience [S]. Internet Enginnering Task Force, 2008.

[13] Singh K, Schulzrinne H. Peer-to-peer internet telephony using SIP[C]//Proc of the international workshop on Network and operating systems support for digital audio and video. Stevenson, WashingtonDC, USA, 2005: 63-68.

[14] Al-Riyami SS, Paterson KG. Certificateless public key cryptography[C]//Laih CS. Proc of the ASIACRYPT. LNCS 2894, Berlin: Springer-Verlag, 2003: 452-473.

[15] Canetti R, Krawczyk H. Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels[C]//Proc of Eurocrpt'01. LNCS 2045, Springer-Verlag, 2001: 453-474.

[16] Zhang J, Duan H X, Wu J P. Anonymous communication system for IPv6 networks[J]. Journal of Tsinghua University: Sci & Tech, 2011, 51(1): 63-67(in Chinese). 张甲,段海新,吴建平. IPv6环境下匿名通信系统的设计与实现[J]. 清华大学学报:自然科学版,2011,51(1):63-67.

[17] Bellare M, Canetti R, Krawczyk H. A modular approach to the design and analysis of authentication and key-exchange protocols[C]//30th STOC. 1998: 419-428.

[18] Goldwasser S, Micali S. Probabilistic encryption[J]. JCSS, 1984, 28(2): 270-299.

[19] Goldwasser S, Bellare M. Lecture notes on Cryptography[M]. Cambridge, Massachusetts, 2008:136-148.

[20] Tin Y, Vasanta H, Boyd C. Protocols with security proofs for moblie applications[M]. Berlin: Springer-Verlag, 2004: 358-369.

[21] Yang C C, Wang R C, Liu W T. Secure authentication scheme for session initiation protocol[J]. Computer & Security, 2005, 24: 381-386.

[22] Dulanik A, Sogukpinar I. SIP authentication scheme using ECDH[J]. World Enformatika Society Transaction on Engineering Computing and Technology, 2005, 8: 350-353.

[23] Wang F J, Zhang Y Q. A new provably secure authentication and key agreement mechanism for SIP using certificateless public-key cryptography[J]. Computer Communications, 2008, 31: 2142-2149.

[24] Wang Q L, Zhang X H, Gao B Z. Security communications algorithm in P2P-SIP network[J]. Computer Engineering and Applications, 2010, 46(35): 109-111.

[25] Karopoulos G, Kambourakis G, Gritzalis S. PrivaSIP: Ad-hoc identity privacy in SIP[J]. Computer Standards and Interfaces, 2011, 33(3): 301-314.