Obscuring Users' Identity in VoIP/IMS Environments

Next Generation Networks bring together wired and wireless architectures, under the umbrella of an all IP architecture. Architectures such as the IP Multimedia Subsystem (IMS) offer advanced services at very low cost but also inherit IP infrastructure's security and privacy issues. The utilized signalling protocol (i.e. Session Initiation Protocol) and the related specifications are both overlooking users' privacy, leaving public and private identities unprotected to eavesdroppers. Existing solutions require either the existence of a public key infrastructure or the establishment of the appropriate mechanism for managing symmetric keys. We propose a novel one-time identity mechanism for obscuring users' real identity against eavesdroppers. The solution exploits the advantages of commutative functions, enabling the communicating parties to exchange data without pre-established keys nor any modification in the infrastructure. All participating entities generate one-time random identities providing in this way unlinkability and anonymity services as well. We evaluate the proposed mechanism through an open source IMS platform. Results have provided evidence that the client's response times are not considerably affected by the proposed mechanism, while the overhead imposed to the IMS core is negligibleJRC.G.6-Digital Citizen Securit