Multimedia Tools and Applications

, Volume 74, Issue 10, pp 3477–3488 | Cite as

A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography

  • Zezhong Zhang
  • Qingqing Qi
  • Neeraj Kumar
  • Naveen Chilamkurti
  • Hwa-Young Jeong
Article

Abstract

As a signaling protocol for controlling communication on the internet, establishing, maintaining, and terminating the sessions, the Session Initiation Protocol (SIP) is widely used in the world of multimedia communication. To ensure communication security, many authentication schemes for the SIP have been proposed. However, those schemes cannot ensure user privacy since they cannot provide user anonymity. To overcome weaknesses in those authentication schemes with anonymity for SIP, we propose an authentication scheme with anonymity using elliptic curve cryptograph. By a sophisticated analysis of the security of the proposed protocol, we show that the proposed scheme not only overcomes weaknesses in previous schemes but also is very efficient. Therefore, it is suitable for applications with higher security requirements.

Keywords

Authentication scheme Anonymity Elliptic curve cryptography Session initiation protocol 

Notes

Acknowledgments

The authors thank the editors and the anonymous reviewers for their valuable comments. This research was supported by National Natural Science Foundation of China (Nos. 51190093, 51309098, 200926).

References

  1. 1.
    Arshad R, Ikram N (2013) Elliptic curve cryptography based mutual authentication scheme for session initiation protocol. Multimed Tools Appl 66(2):165–178CrossRefGoogle Scholar
  2. 2.
    Chen TH, Yeh HL, Liu PC, Hsiang HC, Shih WK (2010) A secured authentication protocol for SIP using elliptic curves cryptography. In: FGCN 2010, Part I, Communications in Computer and Information Science, Vol. 119. pp. 46–55Google Scholar
  3. 3.
    Durlanik A, Sogukpinar I (2005) SIP authentication scheme using ECDH. World Enformatika Soc Trans Eng Comput Technol 8:350–353Google Scholar
  4. 4.
    Farash MS, Attari MA (2013) An enhanced authenticated key agreement for session initiation protocol. Inf Technol Control 42(4):333–342Google Scholar
  5. 5.
    Franks J, Hallam-Baker P, Hostetler J, Lawrence S, Leach P, Luotonen A (1999) HTTP authentication: basic and digest access authentication. IETF RFC2617Google Scholar
  6. 6.
    He D, Chen J, Chen Y (2012) A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography. Secur Commun Netw 5(12):1423–1429CrossRefGoogle Scholar
  7. 7.
    He D, Chen J, Hu J (2012) An ID-based client authentication with key agreement protocol for mobile client—server environment on ECC with provable security. Inf Fusion 13(3):223–230CrossRefGoogle Scholar
  8. 8.
    He D, Chen J, Zhang R (2012) A more secure authentication scheme for telecare medicine information systems. J Med Syst 36(3):1989–1995CrossRefGoogle Scholar
  9. 9.
    Huang HF, Wei WC, Brown GE (2006) A new efficient authentication scheme for session initiation protocol. In: 9th Joint Conference on Information SciencesGoogle Scholar
  10. 10.
    Jo H, Lee Y, Kim M, Kim S, Won D (2009) Off-line password-guessing attack to Yang’s and Huang’s authentication schemes for session initiation protocol. Fifth International Joint Conference on INC, IMS and IDC. pp. 618–621Google Scholar
  11. 11.
    Koblitz N (1987) Elliptic curve cryptosystem. Math Comput 48:203–209CrossRefMATHMathSciNetGoogle Scholar
  12. 12.
    Liu FW, Koenig H (2011) Cryptanalysis of a SIP authentication scheme. In: 12th IFIP TC6/TC11 International Conference, CMS 2011, Lecture Notes in Computer Science, Vol. 7025. 134–143Google Scholar
  13. 13.
    Miller VS (1986) Use of elliptic curves in cryptography. In: Advances in cryptology, proceedings of CRYPTO’85, vol. 218. LNCS, Springer-Verlag. p. 417–26Google Scholar
  14. 14.
    Tang H, Liu X (2013) Cryptanalysis of Arshad et al’.s ECC-based mutual authentication scheme for session initiation protocol. Multimed Tools Appl 65(3):165–178Google Scholar
  15. 15.
    Tsai JL (2009) Efficient nonce-based authentication scheme for session initiation protocol. Int J Netw Secur 8(3):312–316Google Scholar
  16. 16.
    Xie Q (2012) A new authenticated key agreement for session initiation protocol. Int J Commun Syst 25(1):47–54CrossRefGoogle Scholar
  17. 17.
    Yang CC, Wang RC, Liu WT (2005) Secure authentication scheme for session initiation protocol. Comput Secur 24:381–386CrossRefGoogle Scholar
  18. 18.
    Yoon EJ, Shin YN, Jeon IS, Yoo KY (2010) Robust mutual authentication with a key agreement scheme for the session initiation protocol. IETE Tech Rev 27(3):203–213CrossRefGoogle Scholar
  19. 19.
    Yoon EJ, Yoo KY (2009) Cryptanalysis of DS-SIP authentication scheme using ECDH. In: International Conference on New Trends in Information and Service Science. pp. 642–647Google Scholar
  20. 20.
    Yoon EJ, Yoo KY (2009) A new authentication scheme for session initiation protocol. In: International Conference on Complex, Intelligent and Soft-ware Intensive Systems, CISIS’09. pp. 549–554Google Scholar

Copyright information

© Springer Science+Business Media New York 2014

Authors and Affiliations

  • Zezhong Zhang
    • 1
  • Qingqing Qi
    • 1
  • Neeraj Kumar
    • 2
  • Naveen Chilamkurti
    • 3
  • Hwa-Young Jeong
    • 4
  1. 1.North China University of Water Conservancy & Electric PowerZhengzhouChina
  2. 2.Department of Computer Science and EngineeringThapar UniversityPatialaIndia
  3. 3.Department of Computer Science and Computer EngineeringLa Trobe UniversityMelbourneAustralia
  4. 4.Humanitas CollegeKyung Hee UniversitySeoulKorea

Personalised recommendations