Authenticated Identity Body
An Authenticated Identity Body (AIB) is a mechanism used in the Session Initiation Protocol (SIP) to verify the identity of the sender of a message. It allows communicating parties in a network to exchange authenticated identity information, improving the security and integrity of SIP communications such as Voice over IP calls.
An AIB works by embedding a digitally signed section inside a SIP message. The sender signs specific SIP headers such as From, To, or Call-ID to prove that the message genuinely originates from the claimed identity. Additional headers, such as Date or Contact, may also be included in the signed data to protect against replay attacks and maintain reference integrity.
AIBs build upon existing authentication methods like S/MIME, but are designed to be more narrowly focused on verifying message origin and preventing identity spoofing in SIP environments.
The specification for Authenticated Identity Bodies is defined in RFC 3893. According to the document, AIBs may optionally be encrypted to protect end-to-end privacy. In such cases, encryption should occur before the AIB is signed. The security of the encrypted AIB depends on proper key distribution among trusted hosts, which may be practical in controlled networks.
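The replay and reference-integrity checks described above can be sketched as follows. This is an added example, not code from RFC 3893 or any SIP stack: it builds the `message/sipfrag` body a sender would sign and shows the comparison a recipient makes once the S/MIME signature has already been verified elsewhere. The header values are constructed, and the ten-minute window and exact string matching are assumptions of this sketch.

```python
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

AIB_HEADERS = ("From", "To", "Call-ID", "Date", "Contact")
MAX_SKEW = timedelta(minutes=10)  # assumed freshness window, tune per deployment

# Constructed sample headers of a SIP request (request line omitted).
SAMPLE_REQUEST = (
    "From: Alice <sip:alice@example.com>;tag=1928301774\r\n"
    "To: Bob <sip:bob@example.net>\r\n"
    "Call-ID: a84b4c76e66710\r\n"
    "Date: Thu, 21 Feb 2002 13:02:03 GMT\r\n"
    "Contact: <sip:alice@pc33.example.com>\r\n"
)

def parse_headers(text):
    """Parse 'Name: value' lines into a dict (no folding or compact forms)."""
    headers = {}
    for line in text.strip().splitlines():
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers

def build_aib(request_headers):
    """Return the MIME part (message/sipfrag) that the sender would sign."""
    hdrs = parse_headers(request_headers)
    lines = [f"{h}: {hdrs[h.lower()]}" for h in AIB_HEADERS if h.lower() in hdrs]
    return ("Content-Type: message/sipfrag\r\n"
            "Content-Disposition: aib; handling=optional\r\n\r\n"
            + "\r\n".join(lines) + "\r\n")

def check_aib(aib_body, request_headers, now):
    """Compare a signature-verified AIB with the request that carried it."""
    signed = parse_headers(aib_body.split("\r\n\r\n", 1)[1])
    outer = parse_headers(request_headers)
    if "from" not in signed or "date" not in signed:
        return ["AIB lacks From or Date"]
    # Reference integrity: every signed header must match the outer request.
    problems = [f"{n} differs from request" for n, v in signed.items()
                if n != "date" and outer.get(n) != v]
    # Replay protection: the signed Date must be close to the local clock.
    if abs(now - parsedate_to_datetime(signed["date"])) > MAX_SKEW:
        problems.append("Date outside freshness window")
    return problems

if __name__ == "__main__":
    aib = build_aib(SAMPLE_REQUEST)
    print(aib)
    print(check_aib(aib, SAMPLE_REQUEST, datetime(2002, 2, 21, 13, 5, tzinfo=timezone.utc)))
```

An empty list means the signed headers match the request and the Date is fresh; a production verifier would compare URIs by SIP's equivalence rules rather than by raw string.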