Top

Wireless Personal Communications

Published in:

02-08-2016

A Secure and Robust Smartcard-Based Authentication Scheme for Session Initiation Protocol Using Elliptic Curve Cryptography

Published in: Wireless Personal Communications | Issue 3/2016

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The session initiation protocol (SIP) is a signaling communications protocol, which is widely used for controlling multimedia communication sessions. Recently, Yeh et al. presented an ECC-based authenticated protocol for SIP to conquer various attacks which were found in earlier schemes. In this paper, we analyze the security of Yeh et al.’s scheme and identify that Yeh et al.’s scheme is insecure. We demonstrate the vulnerability of Yeh et al.’s scheme to resist off-line password guessing attack, and their scheme also lacks the forward secrecy. We aim to propose an efficient improvement on Yeh et al.’s scheme to overcome the security weaknesses found in Yeh et al.’s scheme, while retaining the original merits. Through the rigorous informal security analysis and the formal security analysis using the widely-accepted Burrows–Abadi–Needham logic (BAN logic), we show that our scheme is secure against various known attacks including the attacks found in Yeh et al.’s scheme. Furthermore, we simulate our scheme for the formal security analysis using the widely-accepted AVISPA (automated validation of internet security protocols and applications) tool, and show that our scheme is secure against passive and active attacks including the replay and man-in-the-middle attacks. Additionally, our proposed scheme is efficient in terms of the communication and computational overheads as compared to Yeh et al.’s scheme and other related existing schemes. To demonstrate the practicality of the scheme, we evaluate the proposed scheme using the broadly-accepted NS-2 network simulator.

previous article Erratum to: Using Improved Product-Coded Modulation Codes to Reduce the Peak-to-Average Power Ratio in Single-Carrier Frequency Division Multiple Access Systems

next article Comparative Performance Investigation of Supervised and Unsupervised Learning Outlines applied in Cognitive Radio Systems

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Arkko, J., Torvinen, V., Camarillo, G., Niemi, A., Haukka, T. (2002). Security mechanism agreement for sip sessions. draft-ietfsip-sec-agree-04. txt.

Arshad, R., & Ikram, N. (2013). Elliptic curve cryptography based mutual authentication scheme for session initiation protocol. Multimedia Tools and Applications, 66(2), 165–178.CrossRef

Burrows, M., Abadi, M., & Needham, R. M. (1989). A logic of authentication proceedings of the royal society of London. A Mathematical and Physical Sciences, 426(1871), 233–271.MathSciNetCrossRefMATH

Caballero-Gil, C., Caballero-Gil, P., & Molina-Gil, J. (2014). Mutual authentication in self-organized vanets. Computer Standards & Interfaces, 36(4), 704–710.CrossRef

Durlanik, A., & Sogukpinar, I. (2005). Sip authentication scheme using ecdh. World Enformatika Socity Transations on Engineering Computing and Technology, 8, 350–353.

Farash, M. S. (2016). Security analysis and enhancements of an improved authentication for session initiation protocol with provable security. Peer-to-Peer Networking and Applications, 9(1), 82–91.CrossRef

Gokhroo, M., Jaidhar, C., Tomar, A. (2011). Cryptanalysis of sip secure and efficient authentication scheme. In 2011 IEEE 3rd international conference on communication software and networks (ICCSN), IEEE pp. 308–310.

Khan, M. K., Zhang, J., & Wang, X. (2008). Chaotic hash-based fingerprint biometric remote user authentication scheme on mobile devices. Chaotic, Solitons and Fractals, 35(3), 519–524.CrossRef

Li, C. T., & Hwang, M. S. (2010). An efficient biometric-based remote authentication scheme using smart cards. Journal of Network and Computer Applications, 33(1), 1–5.CrossRef

10.

Li, X., Niu, J. W., Ma, J., Wang, W. D., & Liu, C. L. (2011). Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. Journal of Network and Computer Applications, 34(1), 73–79.CrossRef

11.

Basin, D., Modersheim, S., & Vigano, L. (2005). OFMC: A symbolic model checker for security protocols. International Journal of Information Security, 4(3), 181–208.CrossRef

12.

Odelu, V., Das, A. K., & Goswami, A. (2015). A secure and efficient ecc-based user anonymity preserving single sign-on scheme for distributed computer networks. Security and Communication Networks, 8(9), 1732–1751.CrossRef

13.

Lv, C., Ma, M., Li, H., Ma, J., & Zhang, Y. (2013). An novel three-party authenticated key exchange protocol using one-time key. Journal of Network and Computer Applications, 36(1), 498–503.CrossRef

14.

Automated validation of internet security protocols and applications.http://www.avispa-project.org/package/usermanual. Accessed Mar 2013.

15.

Automated validation of internet security protocols and applications, avispa web tool. http://www.avispa-project.org/web-interface/expert.php/. Accessed Dec 2014.

16.

von Oheimb, D. (2005). The high-level protocol specification language hlpsl developed in the eu project avispa. In Proceedings of APPSEM, 2005, 1–17.

17.

He, D., Chen, J., & Chen, Y. (2012). A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography. Security and Communication Networks, 5(12), 1423–1429.CrossRef

18.

Geneiatakis, D., Dagiuklas, T., Kambourakis, G., Lambrinoudakis, C., Gritzalis, S., Ehlert, S., et al. (2006). Survey of security vulnerabilities in session initiation protocol. IEEE Communications Surveys and Tutorials, 8(1–4), 68–81.CrossRef

19.

Keromytis, A. D. (2012). A comprehensive survey of voice over IP security research. IEEE Communications Surveys & Tutorials, 14(2), 514–537.CrossRef

20.

Geneiatakis, D., Kambourakis, G., Dagiuklas, T., Lambrinoudakis, C., Gritzalis, S. (2005) SIP Security Mechanisms: A state-of-the-art review. Proceedings of the fifth international network conference (INC 2005), (pp. 147–155).

21.

Geneiatakis, D., Kambourakis, G., Lambrinoudakis, C., Dagiuklas, T., & Gritzalis, S. (2007). A framework for protecting a SIP-based infrastructure against malformed message attacks. Computer Networks, 51(10), 2580–2593.CrossRefMATH

22.

Tsakountakis, A., Kambourakis, G., & Gritzalis, S. (2012). SIPA: Generic and secure accounting for SIP. Security and Communication Networks, 5(9), 1006–1027.CrossRef

23.

Huang, H. F., & Wei, W. C. (2006). A new efficient authentication scheme for session initiation protocol. Computing, 1, 2.

24.

Kambourakis, G. (2014). Anonymity and closely related terms in the cyberspace: An analysis by example. Journal of Information Security and Applications, 19(1), 2–17.CrossRef

25.

Jo, H., Lee, Y., Kim, M., Kim, S., & Won, D. (2009). Off-line password-guessing attack to Yang’s and Huang’s authentication schemes for session initiation protocol. In Fifth IEEE International Joint Conference on INC, IMS and IDC, Seoul, South Korea (pp. 618–621).

26.

Lee, N. Y., & Chiu, Y. C. (2005). Improved remote authentication scheme with smart card. Computer Standards & Interfaces, 27(2), 177–180.CrossRef

27.

Pu, Q. (2010). Weaknesses of sip authentication scheme for converged voip networks. IACR Cryptology ePrint Archive, 2010, 464.

28.

Rhee, H. S., Kwon, J. O., & Lee, D. H. (2009). A remote user authentication scheme without using smart cards. Computer Standards & Interfaces, 31(1), 6–13.CrossRef

29.

Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., & Sparks, R., et al. (2002). Sip: Session initiation protocol. Technical report, RFC 3261, Internet Engineering Task Force.

30.

Salsano, S., Veltri, L., & Papalilo, D. (2002). Sip security issues: The sip authentication procedure and its processing load. Network, IEEE, 16(6), 38–44.CrossRef

31.

Secure Hash Standard: FIPS PUB 180-1, National Institute of Standards and Technology (NIST), U.S. Department of Commerce, April (1995).

32.

Syverson, P., Cervesato, I. (2001). The logic of authentication protocols. In Foundations of security analysis and design (pp. 63–137). Springer.

33.

Thomas, M., et al. (2001) Sip security requirements. IETF Intemet dren (draftthomas-sip-sec-reg’OO. txt).

34.

Tsai, J. L. (2009). Efficient nonce-based authentication scheme for session initiation protocol. International Journal of Network Security, 9(1), 12–16.

35.

Tu, H., Kumar, N., Chilamkurti, N., & Rho, S. (2015). An improved authentication protocol for session initiation protocol using smart card. Peer-to-Peer Networking and Applications, 8(5), 903–910.CrossRef

36.

Wang, X. M., Zhang, W. F., Zhang, J. S., & Khan, M. K. (2007). Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards. Computer Standards & Interfaces, 29(5), 507–512.CrossRef

37.

Wu, L., Zhang, Y., & Wang, F. (2009). A new provably secure authentication and key agreement protocol for sip using ecc. Computer Standards & Interfaces, 31(2), 286–291.CrossRef

38.

Wu, S., Pu, Q., & Kang, F. (2013). Practical authentication scheme for sip. Peer-to-Peer Networking and Applications, 6(1), 61–74.CrossRef

39.

Xie, Q. (2012). A new authenticated key agreement for session initiation protocol. International Journal of Communication Systems, 25(1), 47–54.CrossRef

40.

Mishra, D., Das, A. K., & Mukhopadhyay, S. (2016). A secure and efficient ECC-based user anonymity-preserving session initiation authentication protocol using smart card. Peer-to-Peer Networking and Applications, 9(1), 171–192.CrossRef

41.

Yang, C. C., Wang, R. C., & Liu, W. T. (2005). Secure authentication scheme for session initiation protocol. Computers & Security, 24(5), 381–386.CrossRef

42.

Yeh, H. L., Chen, T. H., & Shih, W. K. (2014). Robust smart card secured authentication scheme on sip using elliptic curve cryptography. Computer Standards & Interfaces, 36(2), 397–402.CrossRef

43.

Yoon, E. J., Shin, Y. N., Jeon, I. S., & Yoo, K. Y. (2010). Robust mutual authentication with a key agreement scheme for the session initiation protocol. IETE Technical Review, 27(3), 203–2013.CrossRef

44.

Yoon, E. J., Yoo, K. Y., Kim, C., Hong, Y. S., Jo, M., & Chen, H. H. (2010). A secure and efficient sip authentication scheme for converged voip networks. Computer Communications, 33(14), 1674–1681.CrossRef

45.

Das, A. K. (2016). A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-to-Peer Networking and Applications, 9(1), 223–244.CrossRef

46.

Mishra, D., Das, A. K., & Mukhopadhyay, S. (2014). A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Systems with Applications, 41(18), 8129–8143.CrossRef

47.

Barker, E., & Roginsky, A. (2011). SP 800–131A. Transitions: Recommendation for transitioning the use of cryptographic algorithms and key lengths.

48.

Kocher, P., Jaffe, J., Jun, B. (1999). Differential power analysis. In Proceedings of advances in cryptology—CRYPTO’99, LNCS (vol. 1666, pp. 388–397).

49.

Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.MathSciNetCrossRef

50.

Dolev, D., & Yao, A. (1983). On the security of public key protocols. IEEE Transactions on Information Theory, 29(2), 198–208.MathSciNetCrossRefMATH

51.

Zhang, L., Tang, S., & Cai, Z. (2014). Efficient and flexible password authenticated key agreement for voice over internet protocol session initiation protocol using smart card. International Journal of Communication Systems, 27(11), 2691–2702.

52.

Vanstone, S. (1992). Responses to NIST’s proposal. Communications of the ACM, 35(7), 50–52.

53.

The Network Simulator-ns-2. http://www.isi.edu/nsnam/ns/. Accessed Mar 2016.

54.

Wang, J. (2016). NS-2 Tutorial. http://www.cs.virginia.edu/c̃s757/slidespdf/cs757-ns2-tutorial1. Accessed Apr 2016.

Title: A Secure and Robust Smartcard-Based Authentication Scheme for Session Initiation Protocol Using Elliptic Curve Cryptography
Publication date: 02-08-2016
Published in: Wireless Personal Communications / Issue 3/2016
Print ISSN: 0929-6212
Electronic ISSN: 1572-834X
DOI: https://doi.org/10.1007/s11277-016-3533-0

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 3/2016

An Authentication Protocol Based on Quantum Key Distribution Using Decoy-State Method for Heterogeneous IoT

Comparative Performance Investigation of Supervised and Unsupervised Learning Outlines applied in Cognitive Radio Systems

Noise Robust Speaker Identification Using RASTA–MFCC Feature with Quadrilateral Filter Bank Structure

Performance Evaluation of Dynamic Burst Mapping in a WiMAX System

Performance Analysis of Energy Efficient Virtual Back Bone Path Based Cluster Routing Protocol for WSN

Dominant Interferers in Cognitive Radio Network