3AKEP: Triple-authenticated key exchange protocol for peer-to-peer VoIP applications

PECORI, Riccardo; VELTRI, Luca
2016

Abstract

Peer-to-peer architectures have become very popular in recent years for the variety of services and applications they support, such as collaborative computing, streaming and VoIP applications. The security of the protocols involved in such operations is, however, a fundamental prerequisite for the widespread diffusion of such a technology. In this paper, we focus on the establishment of a security association in a distributed scenario and we propose a new key exchange protocol authenticated through three different methods: i) the verification of a signature, based on the identifier of the remote peer, ii) the use of retained secrets from previously established sessions with the same peer, iii) the exchange of a Short Authentication String through a proper "trusted means". We also provide a possible implementation for peer-to-peer VoIP applications for setting up secure multimedia communications through the standard SIP protocol. Our proposal does not require pre-shared secrets, trusted third parties, or a Public Key Infrastructure. In addition, we investigate different ways of distributing cryptographic peer identities in a sort of P2P web-of-trust. The proposed protocols have also been implemented and integrated into an open source SIP User Agent, for functional validation.
3AKEP: Triple-authenticated key exchange protocol for peer-to-peer VoIP applications / Pecori, Riccardo; Veltri, Luca. - In: COMPUTER COMMUNICATIONS. - ISSN 0140-3664. - 85:(2016), pp. 28-40. [10.1016/j.comcom.2016.04.005]
Use this identifier to cite or link to this document: http://hdl.handle.net/11381/2817711
Citations
  • PMC: ND
  • Scopus: 16
  • ISI: 14