This preprint is under consideration at EURASIP Journal on Information Security. A preprint is a preliminary version of a manuscript that has not completed peer review at a journal. Research Square does not conduct peer review prior to posting preprints. The posting of a preprint on this server should not be interpreted as an endorsement of its validity or suitability for dissemination as established information or for guiding clinical practice.
Learn more about In Review
Research
Perfect Forward Secrecy in VoIP Networks Through Design a Lightweight and Secure Authenticated Communication Scheme
kazem saedi
Greater Amman Municipality
Corresponding Author
ORCiD: https://orcid.org/0000-0002-3669-5508
License:
This work is licensed under a CC BY 4.0 License. Read Full License
In this research, we have tried to first focus on the previous work and after getting familiar with the base papers, focus on the main paper. In this paper, we try to determine the security problems in the proposed protocols and present appropriate solutions for them. One of the subjects studied by security and encryption researchers is the matter of authentication and key agreement in SIP. Recently, an authentication and key agreement protocol in SIP has been presented in a scheme. In this paper, it was proven that their presented protocol is vulnerable to the replay attack. Such that if an attacker resends the messages sent on the public channel back to the server, the server does not notice the duplicate messages and proceeds with the session process. Also, their protocol is not resistant to the temporary parameter disclosure attack and it is possible for the attacker to discover the session key in case the temporary parameters are disclosed. Furthermore, user anonymity does neither provide re-registration prevention with the real user ID nor early detection. In this paper, we have tried to present a protocol which prevents replay and parameter disclosure attacks.
Keywords
VoIP, SIP, Perfect forward secrecy, attacks, security requirements
Figure 1
Figure 2
Figure 3
Due to technical limitations, full-text HTML conversion of this manuscript could not be completed. However, the manuscript can be downloaded and accessed as a PDF.
Badges
Prescreen
This manuscript passed our Prescreen assessment
Complete author information
Appropriate declaration statements
Potential risks to human health
Prescreen
Peer Review Timeline
CURRENT STATUS: Under Review
Version 1
Posted 23 Sep, 2020
No community comments so far
Reviewer #3 agreed
On 12 Jan, 2021
Review #2 received
Received 14 Dec, 2020
Reviewer #2 agreed
On 12 Nov, 2020
Reviewer #1 agreed
On 20 Oct, 2020
Reviewers invited
Invitations sent on 12 Oct, 2020
First submitted
On 16 Sep, 2020
Editor assigned
On 16 Sep, 2020
Submission checks complete
On 15 Sep, 2020
Editor invited
On 15 Sep, 2020
Metrics
Comments: 0
PDF Downloads: ...
HTML Views: ...
Subject Areas
Bioinformatics
Learn more about our company.
This preprint is under consideration at EURASIP Journal on Information Security. A preprint is a preliminary version of a manuscript that has not completed peer review at a journal. Research Square does not conduct peer review prior to posting preprints. The posting of a preprint on this server should not be interpreted as an endorsement of its validity or suitability for dissemination as established information or for guiding clinical practice.
Learn more about In Review
Research
Perfect Forward Secrecy in VoIP Networks Through Design a Lightweight and Secure Authenticated Communication Scheme
kazem saedi
Greater Amman Municipality
Corresponding Author
ORCiD: https://orcid.org/0000-0002-3669-5508
Badges
Prescreen
This manuscript passed our Prescreen assessment
Complete author information
Appropriate declaration statements
Potential risks to human health
Prescreen
Peer Review Timeline
CURRENT STATUS: Under Review
Version 1
Posted 23 Sep, 2020
No community comments so far
Reviewer #3 agreed
On 12 Jan, 2021
Review #2 received
Received 14 Dec, 2020
Reviewer #2 agreed
On 12 Nov, 2020
Reviewer #1 agreed
On 20 Oct, 2020
Reviewers invited
Invitations sent on 12 Oct, 2020
First submitted
On 16 Sep, 2020
Editor assigned
On 16 Sep, 2020
Submission checks complete
On 15 Sep, 2020
Editor invited
On 15 Sep, 2020
Metrics
Comments: 0
PDF Downloads: ...
HTML Views: ...
Subject Areas
Bioinformatics
License:
This work is licensed under a CC BY 4.0 License. Read Full License
In this research, we have tried to first focus on the previous work and after getting familiar with the base papers, focus on the main paper. In this paper, we try to determine the security problems in the proposed protocols and present appropriate solutions for them. One of the subjects studied by security and encryption researchers is the matter of authentication and key agreement in SIP. Recently, an authentication and key agreement protocol in SIP has been presented in a scheme. In this paper, it was proven that their presented protocol is vulnerable to the replay attack. Such that if an attacker resends the messages sent on the public channel back to the server, the server does not notice the duplicate messages and proceeds with the session process. Also, their protocol is not resistant to the temporary parameter disclosure attack and it is possible for the attacker to discover the session key in case the temporary parameters are disclosed. Furthermore, user anonymity does neither provide re-registration prevention with the real user ID nor early detection. In this paper, we have tried to present a protocol which prevents replay and parameter disclosure attacks.
Figure 1
Figure 2
Figure 3
Due to technical limitations, full-text HTML conversion of this manuscript could not be completed. However, the manuscript can be downloaded and accessed as a PDF.