摘要
P2P和SIP融合技术已经普遍应用于多媒体通信中,它解决了传统的SIP网络单点失效的问题。但是由于现有的P2P-SIP缺少有效的认证方案,给其带来很多安全隐患。现有的P2P-SIP网络的认证方案大多采用节点的真实ID,不能满足其匿名性的特殊要求。针对这个问题,提出了一种基于Diffie-Hellman算法的节点匿名认证方案DHB,该方案初始化阶段使用代理ID分发中心PIAC产生节点的假名。认证阶段采用改进的Diffie-Hellman算法和节点共享信息进行身份认证,实现了P2P-SIP中节点间的匿名认证。理论和实验分析表明,DHB可以有效抵御中间人攻击和猜测攻击,是一种安全有效的节点匿名认证方案。
The integration of P2P and SIP is widely used in multimedia communication,which can resolve the problem of single-point failure in traditional SIP based network.Neverthelessl,ots of security problems appear because of the lack of ef-fective authentication.Most present P2P-SIP system authentications try to adopt peers’real ID,which can not meet the de-mand of anonymity of peers.In this paper,an anonymous authentication policy named as DHB based on Diffie-Hellman algo-rithm is proposed to cope with this problem.At the initialization stage of algorithm,DHB uses PIAC to generate peers’ pseudonymous name.At the authentication stage,peers’shared information and improved Diffie-Hellman algorithm are used to make certification between peers.The theoretical and experimental analysis shows that DHB is safe and effective,which can resist man-in-middle attack and key guessing attack.
出处
《计算机工程与应用》
CSCD
北大核心
2010年第35期109-111,118,共4页
Computer Engineering and Applications
关键词
会话初始化协议
通信安全
匿名
认证
Session Initiation Protocol(SIP)s
ecurity communications
anonymity
authentication
