Abstract
The IP multimedia subsystem is an architectural framework for supporting multimedia-based services using the internet protocol over wired and wireless media. These IP-based multimedia services rely on the session initiation protocol (SIP) for creating, maintaining and terminating communication sessions, which underscores the importance of the efficiency and security of SIP. Many SIP-based authentication schemes have been put forward in the last decade, but with many limitations. Recently, Lu et al. and Chaudhry et al. presented SIP-based authentication protocols. Dongqing et al. then discovered limitations in the schemes of Lu et al. and Chaudhry et al. and presented an improved SIP authentication protocol. Nonetheless, we ascertain that Dongqing et al.'s protocol is prone to a privileged insider attack, a denial of service attack, and a session-specific ephemeral secret-leakage attack. Besides, this protocol assumes a strictly time-synchronized system, which limits its practical effectiveness in a real environment. We also propose an improved SIP authentication protocol that covers the limitations of Dongqing et al.'s protocol. Our scheme is formally proved secure using BAN logic analysis. The performance analysis compares the proposed scheme with related schemes and shows its efficiency and robustness over previous schemes.
References
3rd Generation Partnership Project: Technical Specification Group Services and System Aspects; IP multimedia subsystem (IMS). 3GPP TS 23.228 V11.4.0 (2012).
Poikselkä, M., Niemi, A., Khartabil, H., & Mayer, G. (2007). The IMS: IP multimedia concepts and services (2nd Edn.). ISBN: 978-0-470-03183-4.
Arkko, J., Torvinen, V., Camarillo, G., Niemi, A., & Haukka, T. (2003). Security mechanism agreement for the session initiation protocol (sip). Cognitiva,12(1), 37–61.
Salsano, S., Veltri, L., & Papalilo, D. (2002). SIP security issues: The SIP authentication procedure and its processing load. Piscataway: IEEE Press.
Chaudhry, S. A., Naqvi, H., Sher, M., Farash, M. S., & Hassan, M. U. (2015). An improved and provably secure privacy preserving authentication protocol for sip. Peer-to-Peer Networking and Applications,10, 1–15.
Yi, P. L., & Wang, S. S. (2010). A new secure password authenticated key agreement scheme for sip using self-certified public keys on elliptic curves. Computer Communications,33(3), 372–380.
Thomas, M. (2001). SIP security requirements. IETF Internet draft (draft-thomas-sip-sec-req-00.txt).
Yoon, E. J., Shin, Y. N., Il, S. J., & Yoo, K. Y. (2010). Robust mutual authentication with a key agreement scheme for the session initiation protocol. IETE Technical Review,27(3), 203–213.
Leach, P. J., Franks, J., Luotonen, A., Hallam-Baker, P. M., Lawrence, S. D., Hostetler, J. L., & Stewart, L. C. (1999). HTTP authentication: Basic and digest access authentication.
Yang, C. C., Wang, R. C., & Liu, W. T. (2005). Secure authentication scheme for session initiation protocol. Computers & Security,24(5), 381–386.
Denning, D. E., & Sacco, G. M. (1981). Timestamps in key distribution systems. Communications of the ACM,24(8), 533–536.
He, D., Chen, J., & Chen, Y. (2012). A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography. Security and Communication Networks,5(12), 1423–1429.
Durlanik, A., & Sogukpinar, I. (2005). Sip authentication scheme using ecdh. Screen,137, 3367.
Liufei, W., Zhang, Y., & Wang, F. (2009). A new provably secure authentication and key agreement protocol for sip using ecc. Computer Standards & Interfaces,31(2), 286–291.
Yoon, E. J., Yoo, K. Y., Kim, C., Hong, Y. S., Jo, M., & Chen, H. H. (2010). A secure and efficient sip authentication scheme for converged voip networks. Computer Communications,33(14), 1674–1681.
Gokhroo, M. K., Jaidhar, C. D., & Tomar, A. S. (2011). Cryptanalysis of sip secure and efficient authentication scheme. In: IEEE international conference on communication software and networks, pp. 308–310.
Pu, Q. (2010). Weaknesses of SIP authentication scheme for converged VoIP networks. IACR Cryptol ePrint Arch, 464.
Jia, L. T. (2009). Efficient nonce-based authentication scheme for session initiation protocol. International Journal of Network Security,8(1), 12–16.
Arshad, R., & Ikram, N. (2013). Elliptic curve cryptography based mutual authentication scheme for session initiation protocol. Multimedia Tools and Applications,66(2), 165–178.
Chen, T., Yeh, H., Liu, P., Hsiang, H., & Shih, W. (2010). A secured authentication protocol for sip using elliptic curves cryptography. Communications in Computer and Information Science,119, 46–55.
Lin, C. L., & Hwang, T. (2003). A password authentication scheme with secure password updating. Computers & Security,22(1), 68–72.
Yoon, E. J., & Yoo, K. Y. (2009). Cryptanalysis of ds-sip authentication scheme using ecdh. In: International conference on new trends in information and service science, pp. 642–647.
Xie, Q. (2012). A new authenticated key agreement for session initiation protocol. International Journal of Communication Systems,25(1), 47–54.
Farash, M. S., & Attari, M. A. (2013). An enhanced authenticated key agreement for session initiation protocol. Information Technology And Control,42(4), 333–342.
Zhang, Z., Qi, Q., Kumar, N., Chilamkurti, N., & Jeong, H. Y. (2015). A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography. Multimedia Tools and Applications,74(10), 3477–3488.
Yanrong, L., Li, L., Peng, H., & Yang, Y. (2016). A secure and efficient mutual authentication scheme for session initiation protocol. Peer-to-Peer Networking and Applications,9(2), 1–11.
Chaudhry, S. A., Khan, I., Irshad, A., Ashraf, M. U., Khan, M. K., & Ahmad, H. F. (2016). A provably secure anonymous authentication scheme for session initiation protocol. Security and Communication Networks,9, 5016–5027.
Xu, D., Zhang, S., Chen, J., & Ma, M. (2017). A provably secure anonymous mutual authentication scheme with key agreement for SIP using ECC. Peer-to-Peer Networking and Applications,11, 837–847.
Vanstone, A. (1997). Elliptic curve cryptosystem—The answer to strong, fast public-key cryptography for securing constrained environments. Information Security Technical Report,2(2), 78–87.
Lumini, A., & Loris, N. (2007). An improved Bio-hashing for human authentication. Pattern Recognition,40(3), 1057–1065.
Jin, A. T. B., Ling, D. N. C., & Goh, A. (2004). Bio-hashing: Two factor authentication featuring fingerprint data and tokenised random number. Pattern Recognition,37(11), 2245–2255.
Odelu, V., Das, A. K., & Goswami, A. (2014). A secure effective key management scheme for dynamic access control in a large leaf class hierarchy. Information Sciences,269(4), 270–285.
Mansoor, K., Ghani, A., Chaudhry, S. A., Shamshirband, S., & Ghayyur, S. A. K. (2019). Securing IoT based RFID systems: A robust authentication protocol using symmetric cryptography. Sensors, 19(21), 4752. https://doi.org/10.3390/s19214752.
Ghani, A., Mansoor, K., Mehmood, S., Chaudhry, S. A., Rahman, A. U., & Saqib, M. N. (2019). Security and key management in IoT based wireless sensor networks: An authentication protocol using symmetric key. International Journal of Communication Systems, 32(16), e4139. https://doi.org/10.1002/dac.4139.
Burrows, M., Abadi, M., & Needham, R. M. (1989). A logic of authentication. Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences,426(1871), 233–271.
Cite this article
Ul Hassan, M., Chaudhry, S.A. & Irshad, A. An Improved SIP Authenticated Key Agreement Based on Dongqing et al.. Wireless Pers Commun 110, 2087–2107 (2020). https://doi.org/10.1007/s11277-019-06831-y
DOI: https://doi.org/10.1007/s11277-019-06831-y