3AKEP: Triple-authenticated key exchange protocol for peer-to-peer VoIP applications

PECORI, RICCARDO; VELTRI, LUCA
2016-01-01

Abstract

Peer-to-peer architectures have become very popular in recent years for the variety of services and applications they support, such as collaborative computing, streaming and VoIP applications. The security of the protocols involved in such operations is, however, a fundamental prerequisite for the widespread diffusion of such a technology. In this paper, we focus on the establishment of a security association in a distributed scenario and we propose a new key exchange protocol authenticated through three different methods: i) the verification of a signature, based on the identifier of the remote peer, ii) the use of retained secrets from previously established sessions with the same peer, iii) the exchange of a Short Authentication String through a proper “trusted means”. We also provide a possible implementation for peer-to-peer VoIP applications for setting up secure multimedia communications through the standard SIP protocol. Our proposal does not require pre-shared secrets, trusted third parties, or a Public Key Infrastructure. In addition, we investigate different ways of distributing cryptographic peer identities in a sort of P2P web-of-trust. The proposed protocols have also been implemented and integrated into an open source SIP User Agent, for functional validation.
Files in this item:
There are no files associated with this item.

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11389/20149

Warning: the data displayed have not been validated by the university.

Citations
  • PMC: ND
  • Scopus: 18
  • ISI: 15