摘要： 为解决点对点会话初始协议(P2PSIP)的安全性问题，根据其分布式特点，结合身份公钥密码，提出一种可认证密钥协商方案。分析其安全性、运算效率和密钥托管等问题。该方案可以实现P2PSIP呼叫过程的双向身份认证和密钥协商，抵抗中间人攻击、重放攻击和离线密码攻击，防止消息体篡改、会话劫持和身份欺骗。

关键词: 点对点会话初始协议, 身份, 认证, 密钥协商, 双线性, 密钥托管

Abstract: In order to fit with the Peer to Peer Session Initiation Protocol(P2PSIP) security issues and its distributed characteristics, this paper proposes an authenticable key agreement scheme for P2PSIP by using identity-based cryptography, and analyzes its security, efficiency and key escrow problem. This scheme provides mutual-authentication and key agreement in the process of P2PSIP call, ensuring the security of P2PSIP communication, and avoiding the disadvantage of Public Key Infrastructure(PKI).

Key words: Peer to Peer Session Initiation Protocol(P2PSIP), identity, authentication, key agreement, bilinear, key escrow

中图分类号: 

• TN915.9