Special Issue Paper
Received 11 June 2016 Published online 9 December 2016 in Wiley Online Library
(wileyonlinelibrary.com) DOI: 10.1002/mma.4259
MOS subject classiﬁcation: 92; 94A60; 94C99
Blind signatures using light variations in CCD
sensors as a pattern to avoid identity forging
José Antonio Alvarez-Bermejo
and Juan Antonio Lopez-Ramos
Communicated by J. Vigo-Aguiar
The implementation of countermeasures to avoid licence abuse is now obligatory, especially with the burgeoning of the
Internet. The protocol proposed here is implemented within the session initiation protocol (SIP); this has been selected
as the ofﬁcial end-to-end signalling protocol for establishing multimedia sessions in the Universal Mobile Telecommuni-
cation Systems network. This paper introduces blind signatures, enforced with user-speciﬁc and unique data, modelled
from CCD sensors to trace users of these online services, thus avoiding licence sharing that gives access to them. Blind
signatures are useful in providing anonymity and establishing a way to tag users. The proposed protocol takes advan-
tage of elliptic curve-based cryptosystems – smaller key sizes and lower computational resources, an interesting issue for
session establishment in S-Universal Mobile Telecommunication Systems (satellite-linked networks), where fast and light
authentication protocols are a requirement ideal. SIP is a powerful signalling protocol for transmitting media over Internet
protocol. Authentication is a vital security requirement for SIP. Hitherto, many authentication schemes have been pro-
posed to enhance SIP security; indeed, the problem of impersonation is one of the topics most discussed. Consequently,
a novel authentication and key agreement scheme is proposed for SIP using an elliptic curve cryptosystem. Copyright ©
2016 John Wiley & Sons, Ltd.
Keywords: cryptography; machine vision; modelling of light; elliptic curve cryptosystem; identity forging; session initiation protocol
The Internet has gone beyond anyone’s reasonable expectations, becoming a universal communications platform. Its growth is expo-
nential. Running almost concurrently with this proliferation, there has been an equally extraordinary escalation in the number of mobile
wireless networks and subscribers. The emergence of IP-based networks for mobile communications will ﬁnally enable seamless access
to voice, video, messaging, data and web-based technologies for the wireless user, in much the same way as ﬁxed users are currently
experiencing over the Internet. The provision of IP-based multimedia services in UMTS is made possible through the introduction of
the IP Multimedia Subsystem, as part of the Third Generation Partnership Project (3GPP), with the release of ﬁve sets of standards. Cen-
tred on the provision of IP multimedia services is end-to-end signalling, based on the session initiation protocol , developed within
the Internet engineering task force. SIP has been selected by the 3GPP as the ofﬁcial end-to-end signalling protocol for establishing
multimedia sessions in UMTS  so as to be compliant with the rest of the Internet, thus facilitating interoperability, given the many
positive attributes that SIP possesses such as its simplicity, extensibility, ﬂexibility and scalability.
The SIP is an application layer protocol that is used for signalling in order to establish, alter and terminate multimedia sessions
between different users in IP-based telephony systems. One of the most important aspects of SIP is authentication of the service
requester – clients need to know the identity of a person who is peering into the multimedia communication, likewise service operators
need to identify the requester in order to charge and to provide preferential services or differing treatments. For these reasons, the
person who claims access to the service must be unambiguously identiﬁed. In addition to this, the system must be able to detect any
misuse of credentials.
An efﬁcient and secure authentication and key agreement scheme is able to provide various aspects of SIP communication security.
With an authentication and key agreement scheme, the client and the server can mutually authenticate each other by negotiating a
session key for secure communication.
Department of Informatics. Universidad de Almería, Almería, Spain
Department of Mathematics. Universidad de Almería, Almería, Spain
Correspondence to: José Antonio Álvarez-Bermejo, Department of Informatics, Universidad de Almería, Almería, Spain.
Copyright © 2016 John Wiley & Sons, Ltd. Math. Meth. Appl. Sci. 2018, 41 2319–2327