Skip to main content
SpringerLink
Log in

Analyzing secure key authentication and key agreement protocol for promising features of IP multimedia subsystem using IP multimedia server-client systems

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

Recently, Session Initiation Protocol (SIP) has become a prime signaling protocol for the multimedia communication systems, though none of the researchers have analyzed its promising features, namely access independence, authentication scheme verification, AKA (Authentication and Key Agreement) security properties, 3GPP security properties, signal congestion, bandwidth consumption and computation overhead using the physical multimedia server-client platform. To examine the issues realistically, the existing authentication schemes, such as UMTS AKA, EPS AKA, Cocktail AKA, S AKA, HL AKA and ZZ AKA were designed and developed in the multimedia server-client systems deployed on Linux platform. The cross-examination revealed that the existing schemes failed to satisfy the IMS (IP Multimedia Subsystem) promising features, like mutual authentication, session-key sharing, (perfect) forward secrecy and implicit-key authentication. Thus, this paper proposes a Secure-Key Authentication and Key Agreement protocol (SK AKA) to meet out the standard demands of IMS. To curtail its authentication steps, the secure authentication vector S AV computes and dispenses the generated vectors between the multimedia server-client systems in advance, through the serving call session control function S CSCF . As a result, the execution steps of UMTS AKA are annulled for the sake of accomplishment of the IMS features. In addition, the protocol of SK AKA integrates the strategies of Context Identity C ID and Elliptic Curve – Diffie Hellman (EC-DH) to resist most of the potential attacks like SIP flooding, forgery, man-in-the-middle, password guessing and key impersonation. To analyze the parameters, such as (SIP) Flooding Attack Detection Rate, End-To-End Delay of Multiple Voice Call Session, Call Success Rate, SIP Utilization, RTP Utilization, Call Response Time, Bandwidth Consumption and Signalling Congestion realistically, the proposed and existing authentication schemes have been coded and integrated in the real-time IMS client-server system. Above all, the thoroughgoing research has revealed that the proposed protocol of SK AKA accomplishes all the IMS challenges: 1. Adhere the promising features of IMS; 2. Attack resiliency; and 3. Fulfill the promising parameters of IMS, in comparison with the other existing schemes.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10

Similar content being viewed by others

References

  1. 3GPP TS 21.133 V4.1.0 (2001) 3G security: security threats and requirements

  2. 3GPP TS 33.401 V12.5.0 (2012) 3GPP System Architecture Evolution (SAE): security architecture

  3. Al-Saraireh J, Yousef S (2006) A new authentication protocol for UMTS mobile networks. EURASIP J Wirel Commun Netw 2:19

    Google Scholar 

  4. Arapinis M, Mancini L, Ritter E, Ryan M, Golde N, Redon K, Borgaonkar R (2012) New privacy issues in mobile telephony: fix and verification. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security (CCS ’12), ACM, New York, NY, USA, 2012, pp. 205–216

  5. Babu BS, Venkataram P (2009) A dynamic authentication scheme for mobile transactions. Int J Netw Secur 8(1):59–74

    Google Scholar 

  6. Boyd C, Mathuria A (2003) Protocols for authentication and key establishment. Springer, Berlin

    Book  Google Scholar 

  7. Chang K-D, Chen C-Y, Hsu S-W, Chao H-C, Chen J-L (2012) Advanced path-migration mechanism for enhancing signaling efficiency in IP multimedia subsystem. KSII Trans Internet Inf Syst 6(1):305–321

    Google Scholar 

  8. Chang CC, Lee JS, Chang YF (2005) Efficient authentication protocols of GSM. Comput Commun 28:921–928

    Article  Google Scholar 

  9. Chen C-Y, Tin-Yu W, Huang Y-M, Chao H-C (2008) An efficient end-to-end security mechanism for IP multimedia subsystem. Comput Commun 31(18):4259–4268

    Article  Google Scholar 

  10. Chen YW, Wang JT, Chi KH, Tseng CC (2010) Group-based authentication and key agreement. Wireless Pers Commun 62(4):965–979

    Article  Google Scholar 

  11. Choi Y, Kim S (2004) An improvement on privacy and authentication in GSM. In Proceedings of workshop on information security applications (WISA 2004), pp. 14–16

  12. Dominguez AP (2006) Cryptanalysis of Park’s authentication protocol in wireless mobile communication systems. Int J Netw Secur 3(3):279–282

    MathSciNet  Google Scholar 

  13. Fadullah ZM, Taleb T, Vasilakos AV, Guizani M, Kato N (2010) DTRAB: combating against attacks on encrypted protocols through traffic-feature analysis. IEEE ACM T Netw 18(4):1234–1247

    Article  Google Scholar 

  14. Gardezi AI (2006) Security in wireless cellular networks. Washington University in St. Louis, St. Louis

    Google Scholar 

  15. Harn L, Hsin WJ (2003) On the security of wireless network access with enhancements. In:2nd ACM Workshop on Wireless Security, San Diego, CA, USA, p. 88–95. doi:10.1145/941311.941325

  16. Huang CM, Li JW (2005) Authentication and key agreement protocol for UMTS with low bandwidth consumption. In Proceeding of the 19th international conference on information networking and applications (AINA 2005), IEEE, 28–30th March 2005, pp. 392–397

  17. Huang YL, Shen CY, Shieh SW (2011) S-AKA: a provable and secure authentication key agreement protocol for UMTS networks. IEEE T Veh Technol 60(9):4509–4519

    Article  Google Scholar 

  18. Juang WS, Wu JL (2007) Efficient 3GPP authentication and key agreement with robust user privacy protection. In Proceeding of the IEEE communications and networking conference (WCNC2007), Kowloon, 11–15 March 2007, pp. 2720–2725

  19. Lee C-C, Chen C-L, Hsia-Hung O, Chen LA (2013) Extension of an Efficient 3GPP Authentication and Key Agreement Protocol. Wirel Personal Commun 68:861–872

    Article  Google Scholar 

  20. Lee CC, Hwang MS, Liao IE (2006) Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE T Ind Elect 53(5):1683–1687

    Article  Google Scholar 

  21. Lee CC, Hwang MS, Liao IE (2008) A new authentication protocol based on pointer forwarding for mobile communications. Wirel Commun Mob Comput 8:661–672

    Article  Google Scholar 

  22. Lee CC, Hwang MS, Yang WP (2003) Extension of authentication protocol for GSM. IEE Proceedings-Commun 150(2):91–95

    Article  Google Scholar 

  23. Liang XH, Li X, Lu RX, Lin XD, Shen XM (2012) Enabling pervasive healthcare with privacy preservation in smart community. In: 2012 I.E. International Conference on Communications (ICC), 10–15 June 2012, pp. 3451–3455

  24. Liang XH, Lu RX, Chen L, Lin XD, Shen XM (2011) PEC: a privacy preserving emergency call scheme for mobile healthcare social networks. J Commun Netw 13(2):102–112

    Article  Google Scholar 

  25. Lifei Wei, Haojin Zhu, Zhenfu Cao, Weiwei Jia, Athanasios V Vasilakosb (2014) SecCloud: Bridging Secure Storage and Computation in Cloud. In: Proceedings of the 2010 I.E. 30th International Conference on Distributed Computing Systems Workshops (ICDCSW), Genova, 21–25 June 2010, pp 52–61

  26. Lin YB, Chang MF, Hsu MT, Wu LY (2005) One-pass GPRS and IMS authentication procedure for UMTS. IEEE J Sel Areas Commun 23(6):1233–1239

    Article  Google Scholar 

  27. Liu B, Bi J, Vasilakos AV (2014) Toward incentivizing anti-spoofing deployment. IEEE T Inf Foren Sec 9(3):436–450

    Article  Google Scholar 

  28. Mao W (2004) Modern cryptography theory and practice. Prentice Hall, New York

    Google Scholar 

  29. Menezes AJ, Oorschot PC, Vanstone SA (1997) Handbook of applied cryptograph. CRC Press, New York

    Google Scholar 

  30. Meyer U, Wetzel S (2004) A man-in-the-middle attack on UMTS, in: Proc. 3rd ACM WiSe, New York, 2004, pp. 90–97

  31. Ntop. (2012) A traffic analysis tool : Online : www.ntop.org/

  32. OpenIMSCore (2009) Website Link: http://www.openim-score.org/

  33. Ou HH, Hwang MS, Jan JK (2010) A cocktail protocol with the authentication and key agreement on the UMTS. J Syst Softw 83(2):316–325

    Article  Google Scholar 

  34. Poikselka M, Mayer G, Khartabil H, Niemi A (2006) The IMS: IP multimedia concepts and services. Second Edition, John Wiley & Sons

  35. Rosenberg J, Schulzrinne H, Camarillo G, Johnston A, Peterson J, Sparks R, Handley M, Schooler E (2002) SIP: Session Initiation Protocol, IETF, IETF RFC 3261

  36. Shen JJ, Lin CY, Yang HW (2005) Cryptanalysis of a new efficient mAKEP for wireless communications. Int J Netw Secur 1(2):118–121

    Google Scholar 

  37. Shneier B (1996) Applied cryptography, 2nd edn. Wiley, New York

    Google Scholar 

  38. Stinson D (2002) Cryptography theory and practice, 2nd edn. Chapman & Hall/CRC, London/Boca Raton

    Google Scholar 

  39. UCTIMS (2012) Website Link: http://uctimsclient.berlios.de/

  40. Weia L, Zhua H, Caoa Z, Donga X, Jiaa W, Chena Y, Athanasios AV (2014) Security and privacy for storage and computation in cloud computing. Inf Sci 258:371–386

    Article  Google Scholar 

  41. Wu S, Zhu Y, Pu Q (2010) Security analysis of a cocktail protocol with the authentication and key agreement on the UMTS. IEEE Commun Lett 14(4):366–368

    Article  Google Scholar 

  42. Yan Z, Zhang P, Vasilakos AV (2014) A survey on trust management for Internet of Things. J Netw Comput Appl 42:120–134

    Article  Google Scholar 

  43. Yang CC, Chu KH, Yang YW (2006) 3G and WLAN interworking security: current status and key. Int Jf NetwSecur 2(1):1–13

    MathSciNet  Google Scholar 

  44. Yang H, Zhang Y, Zhou Y, Xiaoming F, Liu H, Vasilakos AV (2014) Provably secure three-party authenticated key agreement protocol using smart cards. Comput Netw 58:29–38

    Article  Google Scholar 

  45. Zhang M (2003) Provably-secure enhancement on 3GPP authentication and key agreement protocol, Verizon Commun., Cryptology ePrint Archive Rep. 2003/092, 2003

  46. Zhang M, Fang Y (2005) Security analysis and enhancements of 3GPP authentication and key agreement protocol. IEEE T Wirel Commun 4(2):734–742

    Article  Google Scholar 

  47. Zhang Z, Qi Q, Kumar N, Chilamkurti N, Hwa-Young (2014) A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography. Multimedia Tools and Applications. doi:10.1007/s11042-014-1885-6

    Google Scholar 

  48. Zhang X, Zhou F, Zhu X, Sun H, Perrig A, Vasilakos AV, Guan H (2014) DFL: secure and practical fault localization for data center networks. IEEE ACM T Netw 22(4):1218–1231

    Article  Google Scholar 

  49. Zhu HJ, Lin XD, Shi MH, Ho PH, Shen XM (2009) PPAB: a privacy preserving authentication and billing architecture for metropolitan area sharing networks. IEEE Trans Veh Technol 58(5):2529–2543

    Article  Google Scholar 

Download references

Acknowledgments

The corresponding author would like to SASTRA and Tata Consultancy Services for financial assistance under the scheme of Research Scholar Program (RSP).

Author information

Authors and Affiliations

  1. School of Computing, SASTRA University, Thanjavur, TN, 613401, India

    Bakkiam David Deebak, Rajappa Muthaiah & Pitchai Iyer Swaminathan

  2. School of Electrical and Electronics, SASTRA University, Thanjavur, TN, 613401, India

    Karuppuswamy Thenmozhi

Authors
  1. Bakkiam David Deebak
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Rajappa Muthaiah
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Karuppuswamy Thenmozhi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Pitchai Iyer Swaminathan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bakkiam David Deebak.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Deebak, B.D., Muthaiah, R., Thenmozhi, K. et al. Analyzing secure key authentication and key agreement protocol for promising features of IP multimedia subsystem using IP multimedia server-client systems. Multimed Tools Appl 75, 2111–2143 (2016). https://doi.org/10.1007/s11042-014-2397-0

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-014-2397-0

Keywords

Search

Navigation