Research of session initial protocol security mechanism on public key technique

Abstract

Two common kinds of security mechanisms used in session initial protocol (SIP) are analyzed. An improved http digest authentication scheme is put forward based on the existing SIP authentication theories. This mechanism is combined with the merits of the http digest authentication and the public key encryption, so the communicating parties complete two-way authentication and public key exchange in pre-calling, and the session key can be randomly generated in post-calling. The mixture of security encryption mechanism with public key encryption and symmetric-key encryption algorithm can ensure the security for network communication data. The emulation of the scheme is verified, and the security analysis is conducted in the end. The researches show that the simulations efficiency of this method is about 78% of http’s, and it can prevent four kinds of attacks including impersonating a server, offline password guessing attacks, relay-attack, and session monitoring.