Skip to main content
Log in

An anonymous and secure authentication and key agreement scheme for session initiation protocol

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

In 2014, Arshad and Nikooghadam proposed an authentication and key agreement scheme for SIP to conquer the existing defects in Irshad et al.’s scheme. They claimed that their scheme resists various security attacks and has low computation cost. We found that even though Arshad et al.’s scheme achieves high efficiency, their scheme is insecure against server spoofing attacks, denial of service attacks and privilege insider attacks. Furthermore, the password change phase of their scheme is complicated and their scheme cannot provide user anonymity. To overcome the weaknesses of Arshad et al.’s scheme, we proposed an anonymous and secure authentication and key agreement protocol for SIP. Compared with Arshad et al.’s scheme, our scheme not only withstands more security attacks, but also achieves user anonymity and high efficiency.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. Arshad R, Ikram N (2013) Elliptic curve cryptography based mutual authentication scheme for session initiation protocol. Multimed Tools Appl 66(2):165–178

    Article  Google Scholar 

  2. Arshad H, Nikooghadam M (2014) An efficient and secure authentication and key agreement scheme for session initiation protocol using ECC. Multimed Tools Appl. doi:10.1007/s11042-014-2282-x

    Google Scholar 

  3. Franks J, Hallam-Baker PM, Hostetler JL, Lawrence SD, Leach PJ, Luotonen A, Stewart LC (1999) HTTP authentication: basic and digest access authentication. IETF RFC 2617

  4. Guo DL, Wen QY, Li WM, Zhang H, Jin ZP (2015) An improved biometrics-based authentication scheme for Telecare medical information systems. J Med Syst. doi:10.1007/s10916-015-0194-6

    Google Scholar 

  5. Irshad A, Sher M, Rehman E, Ashraf ChS, Hassan MU, Ghani A (2013) A single round-trip SIP authentication scheme for voice over internet protocol using smart card. Multimed Tools Appl. doi:10.1007/s11042-013-1807-z

    Google Scholar 

  6. Kocher P, Jaffe J, Jun B (1999) Differential power analysis. Advances in Cryptology-CRYPTO’99 1666(16):388–397

    MATH  Google Scholar 

  7. Leng XF (2009) Smart card applications and security. Inf Secur Tech Rep 14 (2):36–45

    Article  Google Scholar 

  8. Li X, Ma J, Wang WD, Xiong YP (2012) An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards. J Netw Comput Appl 35(2):763–769

    Article  Google Scholar 

  9. Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552

    Article  MathSciNet  Google Scholar 

  10. Rosenberg J, Schulzrinne H, Camarillo G, Johnston A, Peterson J, Sparks R (2002) SIP: session initiation protocol. IETF RFC 3261

  11. Wen FT (2014) A more secure anonymous user authentication scheme for the integrated EPR information system. J Med Syst 38(5):1–7

    Google Scholar 

  12. Wen FT, Susilo W, Yang GM (2014) A robust smart card based anonymous user authentication protocol for wireless communications. Secur Commun Netw 7(6):987–993

    Article  Google Scholar 

  13. Wood A, Stankovic JA (2002) Denial of service in sensor networks. Computer 35(10):54–62

    Article  Google Scholar 

  14. Xue KP, Hong PL, Ma CS (2014) A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture. J Comput Syst Sci 80(1):195–206

    Article  MathSciNet  MATH  Google Scholar 

  15. Yeh HL, Chen TH, Shih WK (2014) Robust smart card secured authentication scheme on SIP using elliptic curve cryptography. Comput Stand Inter 36(2):397–402

    Article  Google Scholar 

  16. Zhang Z, Sun Q, Wong WC, Apostolopoulos J, Wee S (2007) Rate-distortion-authentication optimized streaming of authenticated video. IEEE Trans Circuits Syst Video Technol 17(5):544–557

    Article  Google Scholar 

  17. Zhang L, Tang S, Cai Z (2013) Efficient and flexible password authenticated key agreement for voice over internet protocol session initiation protocol using smart card. Int ournal Commun Syst 27(11):2691–2702

    Google Scholar 

  18. Zhou L, Chao HC, Vasilakos AV (2011) Joint forensics-scheduling strategy for delay-sensitive multimedia applications over heterogeneous networks. IEEE J Sel Areas Commun 29(7):1358–1367

    Article  Google Scholar 

Download references

Acknowledgments

The authors are grateful to the editor and anonymous reviewers for their valuable suggestions. This work is supported by Natural Science Foundation of Shandong Province (No. ZR2013FM009).

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Fengtong Wen.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Lin, H., Wen, F. & Du, C. An anonymous and secure authentication and key agreement scheme for session initiation protocol. Multimed Tools Appl 76, 2315–2329 (2017). https://doi.org/10.1007/s11042-015-3220-2

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-015-3220-2

Keywords

Navigation