An improved authentication protocol for session initiation protocol using smart card
- 560 Downloads
The session initiation protocol (SIP) is the most widely used signaling protocol for controlling communication on the Internet, establishing, maintaining, and terminating the sessions. To get secure communication, many authentication protocols for SIP have been proposed. Very recently, Zhang et al. proposed a new authenticated key agreement protocol for SIP using smart card. They also show their protocol could withstand various attacks. However, in this paper, we point out that their protocol is vulnerable to the impersonation attack. We also propose an improved protocol to overcome the weakness. Security analysis shows that our protocol could overcome the weaknesses in Zhang et al.’s protocol. Performance analysis shows that the computational cost in the authentication phase of our protocol is about 75 % of Zhang et al.’s protocol.
KeywordsKey agreement Mutual authentication Session initiation protocol Elliptic curve
This work was supported by the National Research Foundation of Korea Grant funded by the Korean Government (NRF- 13S1A5B6044042).
Conflict of Interest
The author declares that he has no conflict of interest.
- 1.Franks J, Hallam-Baker PM, Hostetler JL, Lawrence SD, Leach PJ, Luotonen A, Stewart LC (1999) HTTP authentication: basic and digest access authentication. Internet RFC2617Google Scholar
- 3.Huang H, Wei W, Brown G (2006) A new efficient authentication scheme for session initiation protocol. Proc JCIS(06)Google Scholar
- 4.Jo H, Lee Y, Kim M, Kim S, Won D (2009) Off-line password-guessing attack to Yang’s and Huang’s authentication schemes for session initiation protocol. Proc INC, IMS IDC 618–621Google Scholar
- 5.Durlanik A, Sogukpinar I (2005) SIP authentication scheme using ECDH. World Enformatika Soc Trans Eng Comput Technol 8:350–353Google Scholar
- 8.Pu Q (2010) Weaknesses of SIP authentication scheme for converged VoIP networks. IACR Cryptol ePrint Arch 2010(464)Google Scholar
- 9.Gokhroo MK, Jaidhar CD (2011) Tomar AS cryptanalysis of SIP secure and efficient authentication scheme. Proc ICCSN 2011:308–310Google Scholar
- 10.Tsai JL (2009) Efficient nonce-based authentication scheme for session initiation protocol. Int J Netw Secur 9:12–16Google Scholar
- 16.Kocher P, Jaffe J, Jun B (1999) Differential power analysis, Proceedings of Crypto ‘99, pp. 388–397, Springer-VerlagGoogle Scholar