Learn More
The Session Initiation Protocol (SIP) is increasingly used as a signaling protocol for administrating Voice over IP (VoIP) phone calls. SIP can be configured in several ways so that different functional and security requirements are met. Careless configuration of the SIP protocol is known to lead to a large set of attacks. In this paper we show how(More)
This paper describes the approach and preliminary results from the research project EUX2010sec. The project works closely with Voice-over-IP (VoIP) companies and users. It aims at providing better security of open source VoIP installations. The work towards this goal is organized by gathering researchers and practitioners around several scientific(More)
Many protocols running over the Internet are neither for-malised, nor formally analysed. The amount of documentation for telecom-munication protocols used in real-life applications is huge, while the available analysis methods and tools require precise and clear-cut protocol clauses. A manual formalisation of the Session Initiation Protocol (SIP) used in(More)
— The present paper describes the approach and preliminary results from the research project EUX2010SEC. The project works closely with Voice over IP (VoIP) companies and users. The project aims at providing better security of open source VoIP installations. The work towards this goal is organized by gathering researchers and practitioners around scientific(More)
—This paper specifies a two-step migration towards a stronger authentication in the Session Initiation Protocol. First, we add support for a Password Authenticated Key Exchange algorithm that can function as a drop-in replacement for the widely adopted Digest Access Authentication mechanism. This new authentication mechanism adds support for mutual(More)
  • 1