An Improved SIP Authentication Scheme Based on Server-Oriented Biometric Verification

Wireless Personal Communications

Abstract

The Session Initiation Protocol (SIP) provides a way to control wired and wireless Voice over Internet Protocol-based communication over an insecure channel. SIP is not secure because it relies on an intrinsically open, text-based communication, which underlines the need to strengthen SIP authentication protocols. Many solutions have been put forward in the last few years to design secure and efficient SIP authentication protocols for multimedia. Recently, Zhang et al. proposed a SIP authentication protocol with an enhanced feature that enables the server to authenticate users on the basis of biometric verification. However, on careful observation, one can identify a few limitations regarding the privileged insider attack, session-specific temporary attack, de-synchronization attack, denial-of-service attack, inefficient password modification and a lack of forward secrecy. We propose a secure scheme that counters the identified flaws of Zhang et al. and other contemporary schemes. We also demonstrate the security strength of the proposed scheme through formal security analysis under BAN logic.

References

  1. Hussain, T. H., Marimuthu, P. N., & Habib, S. J. (2012). Supporting multimedia applications through network redesign. International Journal of Communication Systems. doi:10.1002/dac.2371.

  2. Li, J.-S., Kao, C.-K., & Tzeng, J.-J. (2011). VoIP secure session assistance and call monitoring via building security gateway. International Journal of Communication Systems, 24, 837–851.

  3. Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., et al. (2002). SIP: Session initiation protocol (No. RFC 3261).

  4. Irshad, A., Sher, M., Ch, S. A., Naqvi, H., & Farash, M. S. (2016). An efficient and anonymous multi-server authenticated key agreement based on chaotic map without engaging Registration Centre. The Journal of Supercomputing, 72, 1–22.

  5. Kilian, J. (1992). A note on efficient zero-knowledge proofs and arguments. In Proceedings of the 24th annual ACM symposium on theory of computing (pp. 723–732). Victoria, B.C.

  6. Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., Leach, P., Luotonen, A., et al. (1999). HTTP authentication: Basic and digest access authentication (No. RFC 2617).

  7. Thomas, M. (2001). SIP security requirements. IETF Internet draft (draft-thomas-sip-sec-req-00.txt).

  8. Rescorla, E. (2000). SSL and TLS: Designing and building Secure systems. New York, NY: Addison-Wesley.

  9. Kent, S., & Atkinson, R. (1998). Security architecture for the internet protocol, RFC 2401.

  10. Ylonen, T., & Lonvick, C. (Ed.). (2006). The secure shell (SSH) transport layer protocol, RFC 4253.

  11. Raeburn, K. (2005). Encryption and checksum specifications for kerberos 5. RFC 3961.

  12. Lee, C. C. (2009). On security of an efficient nonce based authentication scheme for SIP. International Journal of Networks and Security, 3, 201–203.

  13. Lu, R., & Cao, Z. (2006). Off-line password guessing attack on an efficient key agreement protocol for secure authentication. International Journal of Networks and Security, 3(1), 35–38.

  14. Wang, B., & Li, Z. Q. (2006). A forward-secure user authentication scheme with smart cards. International Journal of Networks and Security, 3(2), 116–119.

  15. Bellare, M., Pointcheval, D., & Rogaway, P. (2000). Authenticated key exchange secure against dictionary attacks. In Advances in cryptology—EUROCRYPT 2000 (pp. 139–155). Springer, Berlin.

  16. Boyko, V., MacKenzie, P., & Patel, S. (2000). Provably secure password-authenticated key exchange using Diffie–Hellman. In Advances in cryptology—Eurocrypt 2000 (pp. 156–171). Springer, Berlin.

  17. Abdalla, M., & Pointcheval, D. (2005). Simple password-based encrypted key exchange protocols. In Cryptographers’ track at the RSA conference (pp. 191–208). Springer, Berlin.

  18. Schneier, B. (1996). Applied cryptography, second edition: Protocols, algorithms, and source code in C. London: Wiley.

  19. Atkinson, R. Security Architecture for the internet protocol, RFC 1825.

  20. Zhang, L., Tang, S., & Zhu, S. (2016). Privacy-preserving authenticated key agreement scheme based on biometrics for session initiation protocol. Wireless Networks. doi:10.1007/s11276-016-1267-2.

  21. Menezes, A. J., Oorschot, P. C., & Vanstone, S. A. (1997). Handbook of applied cryptography. New York: CRC Press.

  22. Certicom Research Standard for efficient cryptography, SEC 1 (2000). EC Cryptography. Version 1.0.

  23. Koblitz, N. (1987). Elliptic curve cryptosystems. Mathematics of Computation, 48, 203–209.

  24. Miller, V. S. (1985). Use of elliptic curves in cryptography. In Conference on the theory and application of cryptographic techniques (pp. 417–426). Springer, Berlin.

  25. Lumini, A., & Loris, N. (2007). An improved Bio-hashing for human authentication. Pattern Recognition, 40(3), 1057–1065.

  26. Jin, A. T. B., Ling, D. N. C., & Goh, A. (2004). Bio-hashing: Two factor authentication featuring fingerprint data and tokenised random number. Pattern Recognition, 37(11), 2245–2255.

  27. Yang, C., Wang, R., & Liu, W. T. (2005). Secure authentication scheme for session initiation protocol. Computers & Security, 4, 381–386.

  28. Durlanik, A., & Sogukpinar, I. (2005). SIP authentication scheme using ECDH. World Enformatika Society Transaction on Engineering Computing and Technology, 8, 350–353.

  29. Wu, L., Zhang, Y., & Wang, F. (2009). A new provably secure authentication and key agreement protocol for SIP using ECC. Computer Standards and Interfaces, 31(2), 286–291.

  30. Yoon, E. J., & Koo, K. Y. (2010). Robust mutual authentication with a key agreement scheme for the session initiation protocol. IETE Technical Review, 27(3), 203–213.

  31. Pu, Q. (2010). Weaknesses of SIP authentication scheme for converged VoIP networks, http://eprint.iacr.org/2010/464

  32. Tsai, J. (2009). Efficient nonce-based authentication scheme for session initiation protocol. International Journal of Networks and Security, 8(3), 312–316.

  33. Arshad, R., & Ikram, N. (2011). Elliptic curve cryptography based mutual authentication scheme for session initiation protocol. Multimedia Tools and Applications. doi:10.1007/s11042-011-0787-0.

  34. Hongbin, T., & Xinsong, L. (2012). Cryptanalysis of Arshad et al.’s ECC-based mutual authentication scheme for session initiation protocol. Multimedia Tools and Applications. doi:10.1007/s11042-012-1001-8.

  35. Xie, Q. (2011). A new authenticated key agreement for session initiation protocol. International Journal of Communication Systems. doi:10.1002/dac.1286.

  36. Callegari, C., Garroppo, R. G., Giordano, S., & Pagano, M. (2009). Security and delay issues in SIP systems. International Journal of Communication Systems, 22, 1023–1044.

  37. Debiao, H., Jianhua, C., & Yitao, C. (2012). A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography. Security and Communication Networks. doi:10.1002/sec.506.

  38. Huang, H. F., & Wei, W. C. (2006). A new efficient authentication scheme for session initiation protocol. Computing, 1(2), 1–3.

  39. Geneiatakis, D., Dagiuklas, T., Kambourakis, G., Lambrinoudakis, C., Gritzalis, S., & Ehlert, S. (2006). Survey of security vulnerabilities in session initiation protocol. IEEE Communications Surveys and Tutorials, 8(3), 68–81.

  40. Veltri, L., Salsano, S., & Papalilo, D. (2002). SIP security issues: The SIP authentication procedure and its processing load. IEEE Network, 16(6), 38–44.

  41. Farash, M. S. (2014). An improved password-based authentication scheme for session initiation protocol using smart cards without verification table. International Journal of Communication Systems. doi:10.1002/dac.2879.

  42. Arshad, H., & Nikooghadam, M. (2014). An efficient and secure authentication and key agreement scheme for session initiation protocol using ECC. Multimedia Tools and Applications. doi:10.1007/s11042-014-2282-x.

  43. Zhang, L., Tang, S., & Cai, Z. (2013). Efficient and flexible password authenticated key agreement for voice over internet protocol session initiation protocol using smart card. International Journal of Communication Systems, 27(11), 2691–2702.

  44. Irshad, A., Sher, M., Rehman, E., Ashraf, Ch S, Hassan, M. U., & Ghani, A. (2013). A single round-trip SIP authentication scheme for voice over internet protocol using smart card. Multimedia Tools and Applications. doi:10.1007/s11042-013-1807-z.

  45. Yeh, H. L., Chen, T. H., & Shih, W. K. (2014). Robust smart card secured authentication scheme on SIP using elliptic curve cryptography. Computer Standards & Interfaces, 36(2), 397–402.

  46. Jiang, Q., Ma, J., & Tian, Y. (2014). Cryptanalysis of smart-card-based password authenticated key agreement protocol for session initiation protocol of Zhang et al. International Journal of Communication Systems. doi:10.1002/dac.2767.

  47. Yoon, E.-J., & Yoo, K.-Y. (2010). A three-factor authenticated key agreement scheme for SIP on elliptic curves. In Proceedings of 2010 fourth international conference on network and system security, Melbourne, Australia, September 1–3 (pp. 334–339).

  48. http://www.cs.ucla.edu/~rafail/PUBLIC/89.pdf.

  49. Irshad, A., Sher, M., Faisal, M. S., Ghani, A., Ul Hassan, M., & Ashraf, Ch S. (2014). A secure authentication scheme for session initiation protocol by using ECC on the basis of the Tang and Liu scheme. Security and Communication Networks, 7(8), 1210–1218.

  50. Burrows, M., Abadi, M., & Needham, R. (1990). A logic of authentication. ACM Transactions on Computer Systems, 8, 18–36.

  51. Kilinc, H. H., & Yanik, T. (2014). A survey of SIP authentication and key agreement schemes. Communications Surveys & Tutorials, IEEE, 16(2), 1005–1023.

  52. Lin, H., Wen, F., & Du, C. (2017). An anonymous and secure authentication and key agreement scheme for session initiation protocol. Multimedia Tools and Applications, 76(2), 2315–2329.

  53. Lu, Y., Li, L., Peng, H., & Yang, Y. (2017). An anonymous two-factor authenticated key agreement scheme for session initiation protocol using elliptic curve cryptography. Multimedia Tools and Applications, 76(2), 1801–1815.

Acknowledgements

This work was supported by the National Natural Science Foundation of China under Grant No. 61300220, and the Scientific Research Fund of Hunan Provincial Education Department under Grant No. 16B089.

Author information

Corresponding author

Correspondence to Azeem Irshad.

Cite this article

Irshad, A., Kumari, S., Li, X. et al. An Improved SIP Authentication Scheme Based on Server-Oriented Biometric Verification. Wireless Pers Commun 97, 2145–2166 (2017). https://doi.org/10.1007/s11277-017-4601-9

  • DOI: https://doi.org/10.1007/s11277-017-4601-9
