Abstract
Session Initiation Protocol (SIP) is an essential part of most Voice over Internet Protocol (VoIP) architectures. Although SIP provides attractive features, it is exposed to various security threats, so an efficient and secure authentication scheme is needed to enhance the security of SIP. Several attempts have been made to address the tradeoff between security and efficiency, but designing a successful authenticated key agreement protocol for SIP remains a challenging task from the viewpoint of both performance and security, because these two critical factors affecting SIP applications always seem contradictory. In this study, we employ biometrics to design a lightweight privacy-preserving authentication protocol for SIP based on symmetric encryption, achieving a delicate balance between performance and security. In addition, the proposed authentication protocol can fully protect the privacy of biometric characteristics and data identity, which has not been considered in previous work. The completeness of the proposed protocol is demonstrated by Gong, Needham, and Yahalom (GNY) logic. Performance analysis shows that our proposed protocol increases efficiency significantly in comparison with other related protocols.
Acknowledgments
This work was supported by the National Natural Science Foundation of China [grant numbers 61303237, 61272469]; the Wuhan Scientific Research Program [grant number 2013010501010144]; China Postdoctoral Fund [grant number 2012194091]; and the Fundamental Research Funds for the Central Universities [grant number 2013199037].
Additional information
Shanyu Tang is a Senior Member, IEEE.
About this article
Cite this article
Zhang, L., Tang, S. & Zhu, S. A lightweight privacy preserving authenticated key agreement protocol for SIP-based VoIP. Peer-to-Peer Netw. Appl. 9, 108–126 (2016). https://doi.org/10.1007/s12083-014-0317-8
DOI: https://doi.org/10.1007/s12083-014-0317-8