Enhanced Session Initiation Protocols for Emergency Healthcare Applications

  • Saha Sourav
  • Vanga OdeluEmail author
  • Rajendra Prasath
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 969)


In medical emergencies, an instant and secure messaging is an important service to provide quality healthcare services. A session initiation protocol (SIP) is an IP-based multimedia and telephony communication protocol used to provide instant messaging services. Thus, design of secure and efficient SIP for quality medical services is an emerging problem. In this paper, we first explore the security limitations of the existing SIPs proposed by Sureshkumar et al. and Zhang et al. in the literature. Our analysis shows that most of the existing schemes fail to protect the user credentials when unexpectedly the session-specific ephemeral secrets revealed to an adversary by the session exposure attacks. We then present a possible improvement over Sureshkumar et al.’s scheme without increasing the computational cost. We compare the proposed improvement for computational overheads and security features with the various related existing schemes in the literature.


Security Privacy Session initiation protocol Authentication Emergency healthcare 


  1. 1.
    Hussain, A., Wenbi, R., da Silva, A.L., Nadher, M., Mudhish, M.: Health and emergency-care platform for the elderly and disabled people in the smart city. J. Syst. Softw. 110, 253–263 (2015)CrossRefGoogle Scholar
  2. 2.
    Alesanco, A., García, J.: Clinical assessment of wireless ECG transmission in real-time cardiac telemonitoring. IEEE Trans. Inf. Technol. Biomed. 14(5), 1144–1152 (2010)CrossRefGoogle Scholar
  3. 3.
    Thelen, S., Czaplik, M., Meisen, P., Schilberg, D., Jeschke, S.: Using off-the-shelf medical devices for biomedical signal monitoring in a telemedicine system for emergency medical services. In: Jeschke, S., Isenhardt, I., Hees, F., Henning, K. (eds.) Automation, Communication and Cybernetics in Science and Engineering 2015/2016, pp. 797–810. Springer, Cham (2016). Scholar
  4. 4.
    Islam, S.K.H., Vijayakumar, P., Bhuiyan, M.Z.A., Amin, R., Balusamy, B., et al.: A provably secure three-factor session initiation protocol for multimedia big data communications. IEEE Internet Things J. 5(5), 3408–3418 (2017)CrossRefGoogle Scholar
  5. 5.
    Goode, B.: Voice over internet protocol (VoIP). Proc. IEEE 90(9), 1495–1517 (2002)CrossRefGoogle Scholar
  6. 6.
    Mishra, D., Das, A.K., Mukhopadhyay, S.: A secure and efficient ECC-based user anonymity-preserving session initiation authentication protocol using smart card. Peer-to-Peer Netw. Appl. 9(1), 171–192 (2016)CrossRefGoogle Scholar
  7. 7.
    Farash, M.S.: Security analysis and enhancements of an improved authentication for session initiation protocol with provable security. Peer-to-Peer Network. Appl. 9(1), 82–91 (2016)CrossRefGoogle Scholar
  8. 8.
    Campbell, B., Rosenberg, J., Schulzrinne, H., Huitema, C., Gurle, D.: Session initiation protocol extension for instant messaging (2002)Google Scholar
  9. 9.
    Franks, J., et al.: Http authentication: Basic and digest access authentication. Technical report (1999)Google Scholar
  10. 10.
    Salsano, S., Veltri, L., Papalilo, D.: SIP security issues: the SIP authentication procedure and its processing load. IEEE Network 16(6), 38–44 (2002)CrossRefGoogle Scholar
  11. 11.
    Keromytis, A.D.: A comprehensive survey of voice over IP security research. IEEE Commun. Surv. Tutor. 14(2), 514–537 (2012)CrossRefGoogle Scholar
  12. 12.
    Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001). Scholar
  13. 13.
    Odelu, V., Das, A.K., Wazid, M., Conti, M.: Provably secure authenticated key agreement scheme for smart grid. IEEE Trans. Smart Grid 9(3), 1900–1910 (2016)Google Scholar
  14. 14.
    Odelu, V., Das, A.K., Goswami, A.: A secure biometrics-based multi-server authentication protocol using smart cards. IEEE Trans. Inf. Forensics Secur. 10(9), 1953–1966 (2015)CrossRefGoogle Scholar
  15. 15.
    Stallings, W.: Cryptography and Network Security: Principles and Practices, 3/e edn. Prentice Hall, Cloth (2003)Google Scholar
  16. 16.
    Sarkar, P.: A simple and generic construction of authenticated encryption with associated data. ACM Trans. Inf. Syst. Secur. 13(4), 33 (2010)CrossRefGoogle Scholar
  17. 17.
    Stinson, D.R.: Some observations on the theory of cryptographic hash functions. Des. Codes Cryptogr. 38(2), 259–277 (2006)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Yang, C.-C., Wang, R.-C., Liu, W.-T.: Secure authentication scheme for session initiation protocol. Comput. Secur. 24(5), 381–386 (2005)CrossRefGoogle Scholar
  19. 19.
    Zhang, Z., Qi, Q., Kumar, N., Chilamkurti, N., Jeong, H.-Y.: A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography. Multimed. Tools Appl. 74(10), 3477–3488 (2015)CrossRefGoogle Scholar
  20. 20.
    Yanrong, L., Li, L., Peng, H., Yang, Y.: A secure and efficient mutual authentication scheme for session initiation protocol. Peer-to-Peer Network. Appl. 9(2), 449–459 (2016)CrossRefGoogle Scholar
  21. 21.
    Hang, T., Kumar, N., Chilamkurti, N., Rho, S.: An improved authentication protocol for session initiation protocol using smart card. Peer-to-Peer Network. Appl. 8(5), 903–910 (2015)CrossRefGoogle Scholar
  22. 22.
    Chaudhry, S.A., Naqvi, H., Sher, M., Farash, M.S., Hassan, M.U.: An improved and provably secure privacy preserving authentication protocol for SIP. Peer-to-Peer Network. Appl. 10(1), 1–15 (2017)CrossRefGoogle Scholar
  23. 23.
    Lu, Y., Li, L., Peng, H., Yang, Y.: An anonymous two-factor authenticated key agreement scheme for session initiation protocol using elliptic curve cryptography. Multimed. Tools Appl. 76(2), 1801–1815 (2017)CrossRefGoogle Scholar
  24. 24.
    Arshad, H., Nikooghadam, M.: An efficient and secure authentication and key agreement scheme for session initiation protocol using ECC. Multimed. Tools Appl. 75(1), 181–197 (2016)CrossRefGoogle Scholar
  25. 25.
    Sureshkumar, V., Amin, R., Anitha, R.: A robust mutual authentication scheme for session initiation protocol with key establishment. Peer-to-Peer Network. Appl. 11(5), 900–916 (2018)CrossRefGoogle Scholar
  26. 26.
    He, D., Kumar, N., Lee, J.-H., Sherratt, R.: Enhanced three-factor security protocol for consumer USB mass storage devices. IEEE Trans. Consum. Electron. 60(1), 30–37 (2014)CrossRefGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.Indian Institute of Information Technology Sri CitySri CityIndia
  2. 2.Birla Institute of Technology and Science PilaniHyderabadIndia

Personalised recommendations