摘要
随着SIP协议在网络通信中的广泛应用,特别是向移动领域扩展,网络中大量使用无线设备,终端的运算与存储能力有限。对SIP的安全方案进行了讨论和分析,提出了一种基于身份的认证与密钥协商方案,保证了SIP消息传输过程中的完整性和真实性,并在该过程中进行了密钥协商。方案中不需要公钥证书,用户用身份标识SIPURI作为公钥,降低了对终端计算、存储能力的需求和通信开销,具有简单高效的优点。
Along with Session Initiation Protoco(lSIP) application in network communication widely,especially in mobility area, many wireless equipments are used.These devices have limited capacity of storage and computing.In this paper,the security schemes of SIP are discussed and analyzed.Furthermore,a new authentication and key agreement scheme based on identity is proposed,which assures the integrity and authenticity of SIP message during transmission and consults with share key.The scheme doesn't need any public key certificate;user's SIP URI is used as his public key.It needs less storage,computing capacity and communication cost,so it is simple and effective.
出处
《计算机工程与应用》
CSCD
北大核心
2010年第5期96-99,共4页
Computer Engineering and Applications
基金
国家高技术研究发展计划(863)No.2008AA01Z404
国家部委预研基金资助项目~~
关键词
会话发起协议
安全机制
基于身份的密码学
身份认证
密钥协商
Session Initiation Protoco(lSIP)
security mechanism
Identity Based Cryptography(IBC)
authentication
key agreement
