Session Initiation Protocol (SIP), due to its simple architecture and well-defined content, is currently considered the premier signaling protocol for Next Generation Networks (NGN). However, its simplicity will lead to serious security challenges in terms of privacy and integrity. Security mechanisms recommended by RFC3261 for SIP are either weak information protection methods or demand heavy computing resources. In this paper, a lightweight mutual authentication scheme based on improved HTTP Digest authentication is proposed to provide per-hop authentication and end-to-end user authentication. The proposed scheme can protect from many threats such as identity spoofing and Denial-of-Service (DoS) attacks.
展开▼