
A single round-trip SIP authentication scheme for Voice over Internet Protocol using smart card

Multimedia Tools and Applications

Abstract

The Session Initiation Protocol (SIP) has revolutionized the control of Voice over Internet Protocol (VoIP) communication sessions over an open channel. SIP is inherently insecure because it is an open, text-based protocol, and different solutions have been presented in the last decade to secure it. Recently, Zhang et al. proposed an authentication protocol with the sound feature of authenticating users with a smart card, without any password-verifier database. However, the scheme has a few limitations, and with a few modifications it can be made more secure and cheaper in terms of exchanged messages. Our proposed key-agreement protocol makes use of two server secrets for robustness and can authenticate the involved parties in a single round-trip of exchanged messages. The server can now authenticate the user on the received request message, rather than on the response received after sending the challenge message, which saves another round-trip of exchanged messages and hence escapes a possible denial-of-service attack.


References

  1. Abdalla M, Pointcheval D (2005) Simple password based encrypted key exchange protocols (CT-RSA 2005)

  2. Arshad R, Ikram N (2011) Elliptic curve cryptography based mutual authentication scheme for session initiation protocol. Multimed Tools Appl. doi:10.1007/s11042-011-0787-0


  3. Atkinson R. Security architecture for the Internet protocol, RFC 1825

  4. Bellare M, Pointcheval D, Rogaway P (2000) Authenticated key exchange secure against dictionary attacks (Crypto 2000)

  5. Boyko V, MacKenzie PD, Patel S (2000) Provably secure password authenticated key exchange using Diffie-Hellman (Crypto 2000)

  6. Callegari C, Garroppo RG, Giordano S, Pagano M (2009) Security and delay issues in SIP systems. Int J Commun Syst 22:1023–1044


  7. Certicom Research Standard for efficient cryptography, SEC 1, 2000: EC Cryptography. Ver. 1.0

  8. Debiao H, Jianhua C, Yitao C (2012) A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography, Published online in Wiley Online Library wileyonlinelibrary.com. Security Comm Netw. doi:10.1002/sec.506


  9. Diffie W, Hellman ME (1976) New directions in cryptography. IEEE Trans Inf Theory IT-22:644–654


  10. Durlanik A, Sogukpinar I (2005) SIP authentication scheme using ECDH. World Enformatika Soc Trans Eng Comput Technol 8:350–353


  11. Franks J, Hallam-Baker P, Hostetler J, Lawrence S, Leach P, Luotonen A, Stewart L (1999) HTTP authentication: basic and digest access authentication, IETF RFC2617

  12. Geneiatakis D, Dagiuklas T, Kambourakis G, Lambrinoudakis C, Gritzalis S, Ehlert S (2006) Survey of security vulnerabilities in session initiation protocol. IEEE Commun Surv Tutorials 8(3):68–81


  13. Hongbin T, Xinsong L (2012) Cryptanalysis of Arshad et al.’s ECC-based mutual authentication scheme for session initiation protocol. Multimed Tools Appl. doi:10.1007/s11042-012-1001-8


  14. Huang H, Wei W, Brown G (2006) A new efficient authentication scheme for session initiation protocol. Proceedings of JCIS 06

  15. Hussain TH, Marimuthu PN, Habib SJ (2012) Supporting multimedia applications through network redesign. Int J Commun Syst. doi:10.1002/dac.2371


  16. Irshad A, Noshairwan W, Shafiq M, Khurram S, Irshad E, Usman M (2008) Security enhancement in MANET authentication by checking the CRL status of servers. Int J Adv Sci Technol 1:91–98


  17. Jo H, Lee Y, Kim M, Kim S, Won D (2009) Off-line password-guessing attack to Yang’s and Huang’s authentication schemes for session initiation protocol. Proceedings of INC, IMS and IDC, pp 618–621

  18. Karig D, Lee R (2001) Remote denial of service attacks and countermeasures. Department of Electrical Engineering, Princeton University, Technical Report CE-L2001-002

  19. Kent S, Atkinson R (1998) Security architecture for the Internet protocol, RFC 2401

  20. Kilian J (1992) A note on efficient zero-knowledge proofs and arguments. In: Proc. 24th Annual ACM Symposium on Theory of Computing, Victoria BC, pp 723–732

  21. Koblitz N (1987) Elliptic curve cryptosystems. Math Comput 48:203–209


  22. Lee CC (2009) On security of an efficient nonce based authentication scheme for SIP. Int J Netw Secur 3:201–203


  23. Li J-S, Kao C-K, Tzeng J-J (2011) VoIP secure session assistance and call monitoring via building security gateway. Int J Commun Syst 24:837–851


  24. Lu R, Cao Z (2006) Off-line password guessing attack on an efficient key agreement protocol for secure authentication. Int J Netw Secur 3(1):35–38


  25. Menezes AJ, Oorschot PC, Vanstone SA (1997) Handbook of applied cryptography. CRC Press, New York


  26. Miller V (1986) Uses of elliptic curves in cryptography. In: Advances in cryptology CRYPTO’85, Lecture Notes in Computer Science, vol. 218. Springer-Verlag, pp 417–426

  27. Pu Q (2010) Weaknesses of SIP authentication scheme for converged VoIP networks, http://eprint.iacr.org/2010/464

  28. Raeburn K (2005) Encryption and checksum specifications for Kerberos 5, RFC 3961

  29. Rescorla E (2000) SSL and TLS: designing and building secure systems. Addison-Wesley, New York


  30. Rosenberg J, Schulzrinne H, Camarillo G, Johnston A, Peterson J, Sparks R, Handley M, Schooler E (2002) SIP: session initiation protocol, IETF RFC3261

  31. Schneier B (1996) Applied cryptography second edition: protocols, algorithms, and source code in C. John Wiley & Sons Inc., Hoboken


  32. Thomas M (2001) SIP security requirements. IETF internet draft (draftthomas-sipsec-reg-00.txt), work in progress

  33. Tsai J (2009) Efficient nonce-based authentication scheme for session initiation protocol. Int J Netw Secur 8(3):312–316


  34. Veltri L, Salsano S, Papalilo D (2002) SIP security issues: the SIP authentication procedure and its processing load. IEEE Netw 16(6):38–44


  35. Wang B, Li ZQ (2006) A forward-secure user authentication scheme with smart cards. Int J Netw Secur 3(2):116–119


  36. Wu L, Zhang Y, Wang F (2009) A new provably secure authentication and key agreement protocol for SIP using ECC. Comput Stand Interfaces 31(2):286–291


  37. Xie Q (2011) A new authenticated key agreement for session initiation protocol. Int J Commun Syst. doi:10.1002/dac.1286


  38. Yang C, Wang R, Liu WT (2005) Secure authentication scheme for session initiation protocol. Comput Secur 4:381–386


  39. Ylonen T, Lonvick C (2006) (Eds) The secure shell (SSH) Transport layer protocol, RFC 4253

  40. Yoon EJ, Koo KY (2010) Robust mutual authentication with a key agreement scheme for the session initiation protocol. IETE Tech Rev 27(3):203–213


  41. Zhang L, Tang S, Cai Z (2013) Efficient and flexible password authenticated key agreement for Voice over Internet Protocol session initiation protocol using smart card. Int J Comm Syst

  42. Zhou L, Chao H-C, Vasilakos A (Aug. 2011) Joint forensics-scheduling strategy for delay-sensitive multimedia applications over heterogeneous networks. IEEE J Sel Areas Commun 29(7):1358–1367



Corresponding author

Correspondence to Azeem Irshad.


About this article

Cite this article

Irshad, A., Sher, M., Eid Rehman et al. A single round-trip SIP authentication scheme for Voice over Internet Protocol using smart card. Multimed Tools Appl 74, 3967–3984 (2015). https://doi.org/10.1007/s11042-013-1807-z


  • DOI: https://doi.org/10.1007/s11042-013-1807-z
