Abstract
Recently, Lu et al. discussed a user authentication scheme for session initiation protocol(SIP) using elliptic curve cryptography (ECC). In this paper, we cryptanalyze this scheme and find that it is not resistant to the insider attack besides user anonymity. We improve this scheme by overcoming its weaknesses. We show using the Burrows-Abadi-Needham (BAN) logic that our scheme offers mutual authentication. We examine the security of our scheme informally to show that it is secured against various known attacks. Our scheme is more secured than the other related schemes (Lu et al., Inf Techno Control 45(4):393–400, 2016; Arshad and Ikram, Multimed Tools Appl 66(2):165–178, 2013; Kumari et al., Peer-to-Peer Netw Appl 10(1):92–105, 2017; Chaudhry et al., Peer-to-Peer Netw Appl 10(1):1–15, 2017).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
R. Arshad, N. Ikram, Elliptic curve cryptography based mutual authentication scheme for session initiation protocol. Multimed. Tools Appl. 66(2), 165–178 (2013)
M. Burrows, M. Abadi, R.M. Needham, A logic of authentication, in Proceedings of the Royal Society of London A: Mathematical, Physical and Engineering Sciences, vol. 426 (The Royal Society, 1989), pp. 233–271
S.A. Chaudhry, M.S. Farash, H. Naqvi, S. Kumari, M.K. Khan, An enhanced privacy preserving remote user authentication scheme with provable security. Secur. Commun. Netw. 8(18), 3782–3795 (2015)
S.A. Chaudhry, H. Naqvi, M. Sher, M.S. Farash, M.U. Hassan, An improved and provably secure privacy preserving authentication protocol for SIP. Peer Peer Netw. Appl. 10(1), 1–15 (2017)
W. Diffie, M. Hellman, New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)
A. Durlanik, I. Sogukpinar, SIP authentication scheme using ECDH. Screen 137, 3367 (2005)
M. Heydari, S.M.S. Sadough, M.S. Farash, S.A. Chaudhry, K. Mahmood, An efficient password-based authenticated key exchange protocol with provable security for mobile client–client networks. Wirel. Pers. Commun. 88(2), 337–356 (2016)
H.H. Kilinc, T. Yanik, A survey of SIP authentication and key agreement schemes. IEEE Commun. Surv. Tutorials 16(2), 1005–1023 (2014)
S. Kumari, S.A. Chaudhry, F. Wu, X. Li, M.S. Farash, M.K. Khan, An improved smart card based authentication scheme for session initiation protocol. Peer-to-Peer Netw. Appl. 10(1), 92–105 (2017)
L. Lamport, Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)
Y. Lu, L. Li, H. Peng, Y. Yang, An advanced elliptic curve cryptography based mutual authentication scheme for session initiation protocol. Inf. Technol. Control 45(4), 393–400 (2016)
S. Salsano, L. Veltri, D. Papalilo, SIP security issues: the SIP authentication procedure and its processing load. IEEE Netw. 16(6), 38–44 (2002)
J.L. Tsai, Efficient nonce-based authentication scheme for session initiation protocol. IJ Netw. Secur. 9(1), 12–16 (2009)
J.L. Tsai, N.W. Lo, T.C. Wu, Novel anonymous authentication scheme using smart cards. IEEE Trans. Ind. Inf. 9(4), 2004–2013 (2013)
C.C. Yang, R.C. Wang, W.T. Liu, Secure authentication scheme for session initiation protocol. Comput. Secur. 24(5), 381–386 (2005)
H.L. Yeh, T.H. Chen, W.K. Shih, Robust smart card secured authentication scheme on SIP using elliptic curve cryptography. Comput. Stand. Interfaces 36(2), 397–402 (2014)
E.J. Yoon, K.Y. Yoo, Cryptanalysis of DS-SIP authentication scheme using ECDH, in 3rd International Conference on New Trends in Information and Service Science (IEEE, 2009), pp. 642–647
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Kumar, D. (2018). Cryptanalysis and Improvement of a User Authentication Scheme for SIP. In: Woungang, I., Dhurandher, S. (eds) International Conference on Wireless, Intelligent, and Distributed Environment for Communication. WIDECOM 2018. Lecture Notes on Data Engineering and Communications Technologies, vol 18. Springer, Cham. https://doi.org/10.1007/978-3-319-75626-4_2
Download citation
DOI: https://doi.org/10.1007/978-3-319-75626-4_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-75625-7
Online ISBN: 978-3-319-75626-4
eBook Packages: EngineeringEngineering (R0)