
Secure SCTP – A Versatile Secure Transport Protocol

Telecommunication Systems

Abstract

The Stream Control Transmission Protocol (SCTP) is a new general-purpose transport protocol defined by the IETF. Originally intended for the transport of voice signaling data (SS7) over IP networks, SCTP, together with newly defined extensions, is increasingly considered for other application scenarios as well. These require strong security solutions to authenticate the communication partners and protect sensitive data with respect to integrity and confidentiality. Proposals have been issued on how to protect SCTP transport by using standard security protocols such as TLS and IPsec. However, these solutions introduce limitations or inefficiencies and thus may not be able to fully exploit the capabilities of SCTP. Therefore, we propose a security extension to SCTP named Secure SCTP (S-SCTP) to solve these issues in an efficient and user-friendly way.




Cite this article

Unurkhaan, E., Rathgeb, E.P. & Jungmaier, A. Secure SCTP – A Versatile Secure Transport Protocol. Telecommunication Systems 27, 273–296 (2004). https://doi.org/10.1023/B:TELS.0000041012.85567.54


  • DOI: https://doi.org/10.1023/B:TELS.0000041012.85567.54
