Mutual Authentication for SIP: A Semantic Meaning for the SIP Opaque Values

Download Now Date Added: Sep 2009
Format: PDF

The Session Initiation Protocol (SIP) is rapidly becoming the dominant signaling protocol for calls over the Internet. It has quickly made large inroads into the Voice over IP (VoIP) market. SIP is an application-layer control operating on top of a transport protocol and allows to create, modify, and terminate sessions with one or more participants. With security considerations, these operations require authentication from participating end-points, confidentiality, data integrity, and protection against internal and external attacks. For authentication, SIP relies on HTTP Digest by default; the client is authenticated to the SIP proxy server. In order to have mutual authentication between client and server, SIP could be implemented over TLS (Transport Layer Security) when TCP is supported by SIP architecture network.