Multimedia Tools and Applications

, Volume 75, Issue 4, pp 2111–2143 | Cite as

Analyzing secure key authentication and key agreement protocol for promising features of IP multimedia subsystem using IP multimedia server-client systems

  • Bakkiam David Deebak
  • Rajappa Muthaiah
  • Karuppuswamy Thenmozhi
  • Pitchai Iyer Swaminathan


Recently, Session Initiation Protocol (SIP) has become a prime signaling protocol for the multimedia communication systems, though none of the researchers have analyzed its promising features, namely access independence, authentication scheme verification, AKA (Authentication and Key Agreement) security properties, 3GPP security properties, signal congestion, bandwidth consumption and computation overhead using the physical multimedia server-client platform. To examine the issues realistically, the existing authentication schemes, such as UMTS AKA, EPS AKA, Cocktail AKA, S AKA, HL AKA and ZZ AKA were designed and developed in the multimedia server-client systems deployed on Linux platform. The cross-examination revealed that the existing schemes failed to satisfy the IMS (IP Multimedia Subsystem) promising features, like mutual authentication, session-key sharing, (perfect) forward secrecy and implicit-key authentication. Thus, this paper proposes a Secure-Key Authentication and Key Agreement protocol (SK AKA) to meet out the standard demands of IMS. To curtail its authentication steps, the secure authentication vector S AV computes and dispenses the generated vectors between the multimedia server-client systems in advance, through the serving call session control function S CSCF . As a result, the execution steps of UMTS AKA are annulled for the sake of accomplishment of the IMS features. In addition, the protocol of SK AKA integrates the strategies of Context Identity C ID and Elliptic Curve – Diffie Hellman (EC-DH) to resist most of the potential attacks like SIP flooding, forgery, man-in-the-middle, password guessing and key impersonation. To analyze the parameters, such as (SIP) Flooding Attack Detection Rate, End-To-End Delay of Multiple Voice Call Session, Call Success Rate, SIP Utilization, RTP Utilization, Call Response Time, Bandwidth Consumption and Signalling Congestion realistically, the proposed and existing authentication schemes have been coded and integrated in the real-time IMS client-server system. Above all, the thoroughgoing research has revealed that the proposed protocol of SK AKA accomplishes all the IMS challenges: 1. Adhere the promising features of IMS; 2. Attack resiliency; and 3. Fulfill the promising parameters of IMS, in comparison with the other existing schemes.


Session initiation protocol Authentication and key agreement IP multimedia subsystem Context identity Elliptic curve Diffie Hellman Serving call session control function Bandwidth consumption Signalling congestion 



The corresponding author would like to SASTRA and Tata Consultancy Services for financial assistance under the scheme of Research Scholar Program (RSP).


  1. 1.
    3GPP TS 21.133 V4.1.0 (2001) 3G security: security threats and requirementsGoogle Scholar
  2. 2.
    3GPP TS 33.401 V12.5.0 (2012) 3GPP System Architecture Evolution (SAE): security architectureGoogle Scholar
  3. 3.
    Al-Saraireh J, Yousef S (2006) A new authentication protocol for UMTS mobile networks. EURASIP J Wirel Commun Netw 2:19Google Scholar
  4. 4.
    Arapinis M, Mancini L, Ritter E, Ryan M, Golde N, Redon K, Borgaonkar R (2012) New privacy issues in mobile telephony: fix and verification. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security (CCS ’12), ACM, New York, NY, USA, 2012, pp. 205–216Google Scholar
  5. 5.
    Babu BS, Venkataram P (2009) A dynamic authentication scheme for mobile transactions. Int J Netw Secur 8(1):59–74Google Scholar
  6. 6.
    Boyd C, Mathuria A (2003) Protocols for authentication and key establishment. Springer, BerlinCrossRefGoogle Scholar
  7. 7.
    Chang K-D, Chen C-Y, Hsu S-W, Chao H-C, Chen J-L (2012) Advanced path-migration mechanism for enhancing signaling efficiency in IP multimedia subsystem. KSII Trans Internet Inf Syst 6(1):305–321Google Scholar
  8. 8.
    Chang CC, Lee JS, Chang YF (2005) Efficient authentication protocols of GSM. Comput Commun 28:921–928CrossRefGoogle Scholar
  9. 9.
    Chen C-Y, Tin-Yu W, Huang Y-M, Chao H-C (2008) An efficient end-to-end security mechanism for IP multimedia subsystem. Comput Commun 31(18):4259–4268CrossRefGoogle Scholar
  10. 10.
    Chen YW, Wang JT, Chi KH, Tseng CC (2010) Group-based authentication and key agreement. Wireless Pers Commun 62(4):965–979CrossRefGoogle Scholar
  11. 11.
    Choi Y, Kim S (2004) An improvement on privacy and authentication in GSM. In Proceedings of workshop on information security applications (WISA 2004), pp. 14–16Google Scholar
  12. 12.
    Dominguez AP (2006) Cryptanalysis of Park’s authentication protocol in wireless mobile communication systems. Int J Netw Secur 3(3):279–282MathSciNetGoogle Scholar
  13. 13.
    Fadullah ZM, Taleb T, Vasilakos AV, Guizani M, Kato N (2010) DTRAB: combating against attacks on encrypted protocols through traffic-feature analysis. IEEE ACM T Netw 18(4):1234–1247CrossRefGoogle Scholar
  14. 14.
    Gardezi AI (2006) Security in wireless cellular networks. Washington University in St. Louis, St. LouisGoogle Scholar
  15. 15.
    Harn L, Hsin WJ (2003) On the security of wireless network access with enhancements. In:2nd ACM Workshop on Wireless Security, San Diego, CA, USA, p. 88–95. doi: 10.1145/941311.941325
  16. 16.
    Huang CM, Li JW (2005) Authentication and key agreement protocol for UMTS with low bandwidth consumption. In Proceeding of the 19th international conference on information networking and applications (AINA 2005), IEEE, 28–30th March 2005, pp. 392–397Google Scholar
  17. 17.
    Huang YL, Shen CY, Shieh SW (2011) S-AKA: a provable and secure authentication key agreement protocol for UMTS networks. IEEE T Veh Technol 60(9):4509–4519CrossRefGoogle Scholar
  18. 18.
    Juang WS, Wu JL (2007) Efficient 3GPP authentication and key agreement with robust user privacy protection. In Proceeding of the IEEE communications and networking conference (WCNC2007), Kowloon, 11–15 March 2007, pp. 2720–2725Google Scholar
  19. 19.
    Lee C-C, Chen C-L, Hsia-Hung O, Chen LA (2013) Extension of an Efficient 3GPP Authentication and Key Agreement Protocol. Wirel Personal Commun 68:861–872CrossRefGoogle Scholar
  20. 20.
    Lee CC, Hwang MS, Liao IE (2006) Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE T Ind Elect 53(5):1683–1687CrossRefGoogle Scholar
  21. 21.
    Lee CC, Hwang MS, Liao IE (2008) A new authentication protocol based on pointer forwarding for mobile communications. Wirel Commun Mob Comput 8:661–672CrossRefGoogle Scholar
  22. 22.
    Lee CC, Hwang MS, Yang WP (2003) Extension of authentication protocol for GSM. IEE Proceedings-Commun 150(2):91–95CrossRefGoogle Scholar
  23. 23.
    Liang XH, Li X, Lu RX, Lin XD, Shen XM (2012) Enabling pervasive healthcare with privacy preservation in smart community. In: 2012 I.E. International Conference on Communications (ICC), 10–15 June 2012, pp. 3451–3455Google Scholar
  24. 24.
    Liang XH, Lu RX, Chen L, Lin XD, Shen XM (2011) PEC: a privacy preserving emergency call scheme for mobile healthcare social networks. J Commun Netw 13(2):102–112CrossRefGoogle Scholar
  25. 25.
    Lifei Wei, Haojin Zhu, Zhenfu Cao, Weiwei Jia, Athanasios V Vasilakosb (2014) SecCloud: Bridging Secure Storage and Computation in Cloud. In: Proceedings of the 2010 I.E. 30th International Conference on Distributed Computing Systems Workshops (ICDCSW), Genova, 21–25 June 2010, pp 52–61Google Scholar
  26. 26.
    Lin YB, Chang MF, Hsu MT, Wu LY (2005) One-pass GPRS and IMS authentication procedure for UMTS. IEEE J Sel Areas Commun 23(6):1233–1239CrossRefGoogle Scholar
  27. 27.
    Liu B, Bi J, Vasilakos AV (2014) Toward incentivizing anti-spoofing deployment. IEEE T Inf Foren Sec 9(3):436–450CrossRefGoogle Scholar
  28. 28.
    Mao W (2004) Modern cryptography theory and practice. Prentice Hall, New YorkGoogle Scholar
  29. 29.
    Menezes AJ, Oorschot PC, Vanstone SA (1997) Handbook of applied cryptograph. CRC Press, New YorkGoogle Scholar
  30. 30.
    Meyer U, Wetzel S (2004) A man-in-the-middle attack on UMTS, in: Proc. 3rd ACM WiSe, New York, 2004, pp. 90–97Google Scholar
  31. 31.
    Ntop. (2012) A traffic analysis tool : Online :
  32. 32.
    OpenIMSCore (2009) Website Link:
  33. 33.
    Ou HH, Hwang MS, Jan JK (2010) A cocktail protocol with the authentication and key agreement on the UMTS. J Syst Softw 83(2):316–325CrossRefGoogle Scholar
  34. 34.
    Poikselka M, Mayer G, Khartabil H, Niemi A (2006) The IMS: IP multimedia concepts and services. Second Edition, John Wiley & SonsGoogle Scholar
  35. 35.
    Rosenberg J, Schulzrinne H, Camarillo G, Johnston A, Peterson J, Sparks R, Handley M, Schooler E (2002) SIP: Session Initiation Protocol, IETF, IETF RFC 3261Google Scholar
  36. 36.
    Shen JJ, Lin CY, Yang HW (2005) Cryptanalysis of a new efficient mAKEP for wireless communications. Int J Netw Secur 1(2):118–121Google Scholar
  37. 37.
    Shneier B (1996) Applied cryptography, 2nd edn. Wiley, New YorkGoogle Scholar
  38. 38.
    Stinson D (2002) Cryptography theory and practice, 2nd edn. Chapman & Hall/CRC, London/Boca RatonGoogle Scholar
  39. 39.
    UCTIMS (2012) Website Link:
  40. 40.
    Weia L, Zhua H, Caoa Z, Donga X, Jiaa W, Chena Y, Athanasios AV (2014) Security and privacy for storage and computation in cloud computing. Inf Sci 258:371–386CrossRefGoogle Scholar
  41. 41.
    Wu S, Zhu Y, Pu Q (2010) Security analysis of a cocktail protocol with the authentication and key agreement on the UMTS. IEEE Commun Lett 14(4):366–368CrossRefGoogle Scholar
  42. 42.
    Yan Z, Zhang P, Vasilakos AV (2014) A survey on trust management for Internet of Things. J Netw Comput Appl 42:120–134CrossRefGoogle Scholar
  43. 43.
    Yang CC, Chu KH, Yang YW (2006) 3G and WLAN interworking security: current status and key. Int Jf NetwSecur 2(1):1–13MathSciNetGoogle Scholar
  44. 44.
    Yang H, Zhang Y, Zhou Y, Xiaoming F, Liu H, Vasilakos AV (2014) Provably secure three-party authenticated key agreement protocol using smart cards. Comput Netw 58:29–38CrossRefGoogle Scholar
  45. 45.
    Zhang M (2003) Provably-secure enhancement on 3GPP authentication and key agreement protocol, Verizon Commun., Cryptology ePrint Archive Rep. 2003/092, 2003Google Scholar
  46. 46.
    Zhang M, Fang Y (2005) Security analysis and enhancements of 3GPP authentication and key agreement protocol. IEEE T Wirel Commun 4(2):734–742CrossRefGoogle Scholar
  47. 47.
    Zhang Z, Qi Q, Kumar N, Chilamkurti N, Hwa-Young (2014) A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography. Multimedia Tools and Applications. doi: 10.1007/s11042-014-1885-6 Google Scholar
  48. 48.
    Zhang X, Zhou F, Zhu X, Sun H, Perrig A, Vasilakos AV, Guan H (2014) DFL: secure and practical fault localization for data center networks. IEEE ACM T Netw 22(4):1218–1231CrossRefGoogle Scholar
  49. 49.
    Zhu HJ, Lin XD, Shi MH, Ho PH, Shen XM (2009) PPAB: a privacy preserving authentication and billing architecture for metropolitan area sharing networks. IEEE Trans Veh Technol 58(5):2529–2543CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media New York 2014

Authors and Affiliations

  • Bakkiam David Deebak
    • 1
  • Rajappa Muthaiah
    • 1
  • Karuppuswamy Thenmozhi
    • 2
  • Pitchai Iyer Swaminathan
    • 1
  1. 1.School of ComputingSASTRA UniversityThanjavurIndia
  2. 2.School of Electrical and ElectronicsSASTRA UniversityThanjavurIndia

Personalised recommendations