A lightweight privacy preserving authenticated key agreement protocol for SIP-based VoIP

Peer-to-Peer Networking and Applications

Abstract

Session Initiation Protocol (SIP) is an essential part of most Voice over Internet Protocol (VoIP) architectures. Although SIP provides attractive features, it is exposed to various security threats, so an efficient and secure authentication scheme is needed to strengthen it. Several attempts have been made to address the tradeoff between security and efficiency, but designing a successful authenticated key agreement protocol for SIP remains challenging, because performance and security, the two critical factors affecting SIP applications, always seem to be in conflict. In this study, we employ biometrics to design a lightweight privacy preserving authentication protocol for SIP based on symmetric encryption, achieving a delicate balance between performance and security. In addition, the proposed authentication protocol can fully protect the privacy of biometric characteristics and data identity, which has not been considered in previous work. The completeness of the proposed protocol is demonstrated by Gong, Needham, and Yahalom (GNY) logic. Performance analysis shows that our proposed protocol increases efficiency significantly in comparison with other related protocols.

Acknowledgments

This work was supported by the National Natural Science Foundation of China [grant numbers 61303237, 61272469]; the Wuhan Scientific Research Program [grant number 2013010501010144]; the China Postdoctoral Fund [grant number 2012194091]; and the Fundamental Research Funds for the Central Universities [grant number 2013199037].

Author information

Corresponding author

Correspondence to Shanyu Tang.

Additional information

Shanyu Tang is a Senior Member, IEEE.

About this article

Cite this article

Zhang, L., Tang, S. & Zhu, S. A lightweight privacy preserving authenticated key agreement protocol for SIP-based VoIP. Peer-to-Peer Netw. Appl. 9, 108–126 (2016). https://doi.org/10.1007/s12083-014-0317-8

  • DOI: https://doi.org/10.1007/s12083-014-0317-8
