Abstract
A secure key agreement scheme plays a major role in protecting communications between the users using voice over internet protocol over a public network like the internet. In this paper we present a strong security authenticated key agreement scheme for session initiation protocol (SIP) by using biometrics, passwords and smart cards. The proposed scheme realizes biometric data protection through key agreement process meanwhile achieving the verification of the biometric value on the SIP server side which is very important in designing a practical authenticated key agreement for SIP. The main merits of our proposed scheme are: (1) the SIP server does not need to maintain any password or verification table; (2) the scheme can provide user identity protection—the user’s real identity is protected by a secure symmetric encryption algorithm and the elliptic curve discrete logarithm problem, and it is transmitted in code; (3) the scheme can preserve the privacy of the user’s biometric data while the biometric matching algorithm is performed at the SIP server side, even if the server does not know the biometric data in the authentication process. Performance and security analysis shows that our proposed scheme increases efficiency significantly in comparison with other related schemes.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Rosenberg, J., Schulzrinne, H., Camarillo G., et al. (2002). SIP: Session initiation protocol. RFC 3261.
Yang, C., Wang, R., & Liu, W. (2005). Secure authentication scheme for session initiation protocol. Computers and Security, 24, 381–386.
Jo, H., Lee, Y., Kim, M., Kim, S., & Won, D. (2009). Off-line password-guessing attack to Yang’s and Huang’s authentication schemes for session initiation protocol. In Proceedings of INC, IMS and IDC, Seoul, Korea, August 25–27 (pp. 618–621).
Srinivasan, R., Vaidehi, V., Harish, K., Lakshmi Narasimhan, K., Lokeshwer Babu, S., & Srikanth, V. (2005). Authentication of signaling in VoIP applications. In Proceedings of Asia-Pacific conference on communications, Perth, Australia, October 5 (pp. 530–533).
Nodooshan, A. M., Darmani, Y., et al. (2009). A robust and efficient SIP authentication scheme. Communications in Computer and Information Science, 6, 551–558.
Ring, J., Choo, K.-K. R., Foo, E., & Looi, M. (2006). A new authentication mechanism and key agreement protocol for sip using identity-based cryptography. In Proceedings of AusCERT R&D stream, Gold Coast, Australia, May 23 (pp. 61–72).
Han, K., Yeun, C., & Kim, K. (2008). Design of secure VoIP using ID-based cryptosystem. In The symposium on cryptography and information security, Miyazaki, Japan, Jan 22–25 (pp. 1–6).
Wang, F., & Zhang, Y. (2008). A new provably secure authentication and key agreement mechanism for SIP using certificateless public-key cryptography. Computer Communications, 31(10), 2142–2149.
Li, X., Zhang, Y., & Zhang, G. (2012). A new certificateless authenticated key agreement protocol for SIP with different KGCs. Security and Communication Networks, 6(5), 631–643.
Wu, L., Zhang, Y., & Wang, F. (2009). A new provably secure authentication and key agreement protocol for SIP using ECC. Computer Standards and Interfaces, 31(2009), 286–291.
Yoon, E. J., Yoo, K. Y., et al. (2010). A secure and efficient SIP authentication scheme for converged VoIP networks. Computer Communications, 33(2010), 1674–1681.
Jia Lun Tsai. (2009). Efficient nonce-based authentication scheme for session initiation protocol. International Journal of Network Security, 9(1), 12–16.
Yoon, E., Shin, Y., Jeon, I., & Yoo, K. (2010). Robust mutual authentication with a key agreement scheme for the session initiation protocol. IETE Technical Review, 27(2010), 203–213.
Xie, Q. (2012). A new authenticated key agreement for session initiation protocol. International Journal of Communication Systems, 25(2012), 47–54.
Yoon, E.-J., & Yoo, K.-Y. (2010). A three-factor authenticated key agreement scheme for SIP on elliptic curves. In Proceedings of 2010 fourth international conference on network and system security, Melbourne, Australia, September 1–3 (pp. 334–339).
Yeh, H.-L., Chen, T.-H., & Shih, W.-K. (2013). Robust smart card secured authentication scheme on SIP using elliptic curve cryptography. Computer Standards and Interfaces, 36(2), 397–402.
Fan, C.-I., & Lin, Y.-H. (2009). Provably Secure Remote Truly Three-Factor Authentication Scheme with Privacy Protection on Biometrics. IEEE Transactions on Information Forensics and Security, 4(4), 933–945.
Li, X., Niu, J., et al. (2011). Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. Journal of Network and Computer Applications, 34(2011), 73–79.
Dhruti, S., & Devesh, J. (2011). ID-based secure key generation protocol. In Proceeding of 2011 international conference on computer and communication technology, Allahabad, India, September 15–17 (pp. 416–421).
Lei, Z. (2015). Certificateless one-pass and two-party authenticated key agreement protocol and its extensions. Information Sciences, 293(1), 182–195.
Hankerson, D., Hernandez, J. L., & Menezes, A. (2000). Software implementation of elliptic curve cryptography over binary fields. Cryptographic Hardware and Embedded Systems, 1965, 1–22.
Brown, M., Hankerson, D., Lopez, J., & Menezes, A. (2001). Software Implementation of the NIST elliptic curve curves over prime fields. Lecture Notes in Computer Science, 2020, 250–265.
Yanik, T., Kilinc, H. H., Sarioz, M., & Erdem, S. S. (2008). Evaluating SIP proxy servers based on real performance data. In Proceedings of international symposium on performance evaluation of computer and telecommunication systems, June 16–18, Edinburgh, UK (pp. 324–329).
Hao, F., Anderson, R., & Daugman, J. (2006). Combining cryptography with biometrics effectively. IEEE Transactions on Computers, 55(9), 1081–1088.
Barra, S., Casanova, A., Narducci, F., & Ricciardi, S. (2014). Ubiquitous iris recognition by means of mobile devices. Pattern Recognition Letters,. doi:10.1016/j.patrec.2014.10.011.
Himanshu Rai and Anamika Yadav. (2014). Iris recognition using combined support vector machine and Hamming distance approach. Expert Systems with Applications, 41(2014), 588–593.
Burrows, M., Abadi, M., & Needham, R. (1990). A logic of authentication. ACM Transaction on Computer Systems, 8, 18–36.
Nessett, D. M. (1990). A critique of the Burrows, Abadi, and Needham logic. Operating Systems Review, 24(2), 35–38.
Rubin, A. D. (1994). Nonmonotonic cryptographic protocols. In Proceedings of the computer security foundations workshop (pp. 100–116).
Alcaide, A., Abdallah, A. E., Gonzalez-Tablas, A. I., de Fuentes, J. M. (2011). L-PEP: A logic to reason about privacy-enhancing cryptography protocols. In Data privacy management and autonomous spontaneous security, lecture notes in computer science (Vol. 6514, pp. 108–122).
Gong, L., Needham, R., & Yahalom, R. (1990). Reasoning about belief in cryptographic protocols. In Proceedings of IEEE computer society symposium on research in security and privacy, Oakland, USA, May 7–9 (pp. 234–248).
Acknowledgments
This work was supported by the National Natural Science Foundation of China [Grant Numbers 61303237, 61272469]; the Wuhan Scientific Research Program [Grant Number 2013010501010144]; and China Postdoctoral Fund [Grant Number 2012194091]; and the Fundamental Research Funds for the Central Universities [Grant Number 2013199037].
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Zhang, L., Tang, S. & Zhu, S. Privacy-preserving authenticated key agreement scheme based on biometrics for session initiation protocol. Wireless Netw 23, 1901–1916 (2017). https://doi.org/10.1007/s11276-016-1267-2
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11276-016-1267-2