Providing response identity and authentication in IP telephony

The traditional circuit switched infrastructure for telephony services are being replaced by voice over IP (VoIP) for many forthcoming benefits. At the same time, there are some new security issues due to the introduction of new packet switched infrastructure and new VoIP protocols. One of crucial security issues faced by the current VoIP protocols is about the end-to-end user identity and how to authenticate it. This is especially important for guaranteeing integrity and privacy of the response information, because the current proposal solutions fail in many real-world scenarios. In this study, we demonstrate one new mechanism for providing and authenticating response identify, based on Session Initiation Protocol (SIP). In order to prevent several kinds of malicious attacks through response and protect the integrity of response message, another new per-hop authentication mechanism was proposed to handle SIP response. With the combination of these proposed mechanisms, response identity can be securely provided, and spam IP telephony (SPIT) or other malicious attacks can be identified and prevented from attacking the VoIP service.