The SIP protocol is a controlling protocol of the application layer. In order to improve the security of SIP protocol, based on the intractability of the elliptic curve discrete logarithm problem, combining with the user's identity, password and one-way trapdoor function F(), this paper proposes an SIP authentication key agreement protocol with the basis of ECDLP. The agreement process consists of four parts: initialization, registration, login authentication, and changing password. The safety analysis shows that the proposed protocol not only provides two-way authentication and a safe session key, but also resists the password-guessing attack, man-in-the-middle attack, replay attack, masquerade attack, and Denning-Sacco attack. Compared with other protocols, the proposed SIP authentication key agreement based on ECDLP has higher security and can better meet the application demands.%SIP协议是应用层控制协议,为了提高SIP协议的安全性,文中基于椭圆曲线离散对数问题的难解性,结合用户身份、用户口令及单向陷门函数F(),提出了一种基于ECDLP的SIP认证密钥协商协议.协议过程主要由初始化、注册、登录认证、口令修改四部分组成.安全分析表明,该协议实现了双向认证、提供了安全会话密钥,能抵抗口令猜测攻击、中间人攻击、重放攻击、冒充攻击、Denning-Sacco攻击等.与相关协议比较,本文所提出的基于ECDLP的SIP认证密钥协议具有更高的安全性,能更好的满足应用需求.
展开▼
