Skip to main content
Disciplines
Automotive Business IT + Informatics Construction + Real Estate Electrical Engineering + Electronics Energy + Sustainability Insurance + Risk Finance + Banking Management + Leadership Marketing + Sales Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Topic Page
Marketing
Start single access now
Access for companies
EXTENDED SEARCH
Log in
Top
Peer-to-Peer Networking and Applications
Published in: Peer-to-Peer Networking and Applications 5/2015

01-09-2015

An improved authentication protocol for session initiation protocol using smart card

Authors: Hang Tu, Neeraj Kumar, Naveen Chilamkurti, Seungmin Rho

Published in: Peer-to-Peer Networking and Applications | Issue 5/2015

Log in

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

The session initiation protocol (SIP) is the most widely used signaling protocol for controlling communication on the Internet, establishing, maintaining, and terminating the sessions. To get secure communication, many authentication protocols for SIP have been proposed. Very recently, Zhang et al. proposed a new authenticated key agreement protocol for SIP using smart card. They also show their protocol could withstand various attacks. However, in this paper, we point out that their protocol is vulnerable to the impersonation attack. We also propose an improved protocol to overcome the weakness. Security analysis shows that our protocol could overcome the weaknesses in Zhang et al.’s protocol. Performance analysis shows that the computational cost in the authentication phase of our protocol is about 75 % of Zhang et al.’s protocol.
previous article Cost and performance effective data center selection system for scientific federated cloud
next article A granular approach for user-centric network analysis to identify digital evidence

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

inform now
Literature
1.
Franks J, Hallam-Baker PM, Hostetler JL, Lawrence SD, Leach PJ, Luotonen A, Stewart LC (1999) HTTP authentication: basic and digest access authentication. Internet RFC2617
2.
Yang C, Wang R, Liu W (2005) Secure authentication scheme for session initiation protocol. Comput Secur 24:381–386CrossRef
3.
Huang H, Wei W, Brown G (2006) A new efficient authentication scheme for session initiation protocol. Proc JCIS(06)
4.
Jo H, Lee Y, Kim M, Kim S, Won D (2009) Off-line password-guessing attack to Yang’s and Huang’s authentication schemes for session initiation protocol. Proc INC, IMS IDC 618–621
5.
Durlanik A, Sogukpinar I (2005) SIP authentication scheme using ECDH. World Enformatika Soc Trans Eng Comput Technol 8:350–353
6.
Wu L, Zhang Y, Wang F (2009) A new provably secure authentication and key agreement protocol for SIP using ECC. Comput Stand Interfaces 31:286–291MathSciNetCrossRef
7.
Yoon EJ, Yoo KY et al (2010) A secure and efficient SIP authentication scheme for converged VoIP networks. Comput Commun 33:1674–1681CrossRef
8.
Pu Q (2010) Weaknesses of SIP authentication scheme for converged VoIP networks. IACR Cryptol ePrint Arch 2010(464)
9.
Gokhroo MK, Jaidhar CD (2011) Tomar AS cryptanalysis of SIP secure and efficient authentication scheme. Proc ICCSN 2011:308–310
10.
Tsai JL (2009) Efficient nonce-based authentication scheme for session initiation protocol. Int J Netw Secur 9:12–16
11.
Yoon E, Shin Y, Jeon I, Yoo K (2010) Robust mutual authentication with a key agreement scheme for the session initiation protocol. IETE Tech Rev 27:203–213CrossRef
12.
Xie Q (2012) A new authenticated key agreement for session initiation protocol. Int J Commun Syst 25:47–54CrossRef
13.
Arshad R, Ikram N (2013) Elliptic curve cryptography based mutual authentication scheme for session initation protocol. Multimedia Tools Appl 66(2):165–178CrossRef
14.
He D, Chen J, Chen Y (2012) A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography. Secur Commun Networks 5(12):1423–1429CrossRef
15.
Zhang L, Tang S, Cai Z (2013) Efficient and flexible password authenticated key agreement for Voice over Internet Protocol Session Initiation Protocol using smart card. Int J Commun Syst. doi:10.​1002/​dac.​2499
16.
Kocher P, Jaffe J, Jun B (1999) Differential power analysis, Proceedings of Crypto ‘99, pp. 388–397, Springer-Verlag
17.
Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552MathSciNetCrossRef
18.
He D, Chen J, Hu J (2012) An ID-based client authentication with key agreement protocol for mobile client–server environment on ECC with provable security. Inform Fusion 13(3):223–230CrossRef
19.
He D, Wu S (2013) Security flaws in a smart card based authentication scheme for multi-server environment. Wirel Pers Commun 70(1):323–329CrossRef
20.
Zhang D, Ma Z, Niu X (2013) Anonymous authentication scheme of trusted mobile terminal under mobile internet. J China Univ Posts Telecommun 20(1):58–65CrossRef
21.
Pu Q, Wang J, Wu S (2013) Scalable and efficient mobile authentication scheme preserving user privacy. Int J Ad Hoc Ubiquit Comput 12(2):65–74CrossRef
Metadata
Title
An improved authentication protocol for session initiation protocol using smart card
Authors
Hang Tu
Neeraj Kumar
Naveen Chilamkurti
Seungmin Rho
Publication date
01-09-2015
Publisher
Springer US
Published in
Peer-to-Peer Networking and Applications / Issue 5/2015
Print ISSN: 1936-6442
Electronic ISSN: 1936-6450
DOI
https://doi.org/10.1007/s12083-014-0248-4

Other articles of this Issue 5/2015

Peer-to-Peer Networking and Applications 5/2015 Go to the issue

OriginalPaper

A granular approach for user-centric network analysis to identify digital evidence

OriginalPaper

Peer-to-peer error recovery for wireless video broadcasting

OriginalPaper

Learning model for efficient query routing in P2P information retrieval systems

OriginalPaper

Dependability and reliability analysis of intra cluster routing technique

OriginalPaper

VoIP-aware network attack detection based on statistics and behavior of SIP traffic

OriginalPaper

Cost and performance effective data center selection system for scientific federated cloud

Premium Partner

    Image Credits