Use of elliptic curves in cryptography
Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
Fragmentation considered harmful
ACM SIGCOMM Computer Communication Review - Special twenty-fifth anniversary issue. Highlights from 25 years of the Computer Communication Review
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
King: estimating latency between arbitrary internet end hosts
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Performance analysis of identity management in the Session Initiation Protocol (SIP)
AICCSA '08 Proceedings of the 2008 IEEE/ACS International Conference on Computer Systems and Applications
SIP proxies: new reflectors in the internet
CMS'10 Proceedings of the 11th IFIP TC 6/TC 11 international conference on Communications and Multimedia Security
Hi-index | 0.00 |
In this article, we summarize the security threats targeting SIP proxy servers or other infrastructures in NGN by misusing a specific signaling authentication mechanism, which has been proposed in RFC 4474 (Peterson and Jennings, 2006). This mechanism is designed to authenticate inter-domain SIP requests based on domain certificates to prevent identity theft. Nevertheless, despite its contribution, this protection raises some ''side effects'', that actually lead to new vulnerabilities in both the availability and confidentiality of SIP services. We provide an overview of different attack possibilities and explain them in more detail, including attacks utilizing algorithm complexity, certificates storage, and certificates distribution. We also suggest some alternative design to prevent or reduce the attacks. SIP, VoIP, NGN, Authentication, Denial of Service, Timing attack.