The Session Initiation Protocol (SIP) is the principal signalling protocol in Voice over IP (VoIP) systems, responsible for initialising, terminating, and maintaining sessions amongst call parties. However, the problem with the SIP protocol is that it was not designed to be secure by nature as the HTTP digest authentication used in SIP is insecure, making it vulnerable to a variety of attacks. The current solutions rely on several standard-ised encryption protocols, such as TLS and IPsec, to protect SIP registration messages. However, the current centralised solutions do not scale well and cause algorithm overload when encoding and decoding SIP messages. In trying to rectify this issue, we propose in this paper a blockchain-based lightweight authenti-cation mechanism, which involves a decentralised identity model to authenticate the SIP client to the SIP server. Our mechanism uses a smart contract on the Ethereum blockchain to ensure trust, accountability and preserves user privacy. We provided a proof-of-concept implementation to demonstrate our work. Further analysis of this approach's usability, mainly CPU and memory usage, was conducted comparing to IPsec and TLS. Then we discussed our system's security and presented a security analysis. Our analysis proves that our approach satisfies the SIP protocol security requirements.
Abubakar, M., Jaroucheh, Z., Al Dubai, A., & Buchanan, W. (2021). Blockchain-Based Authentication and Registration Mechanism for SIP-Based VoIP Systems. In 2021 5th Cyber Security in Networking Conference (CSNet). https://doi.org/10.1109/csnet52717.2021.9614646