Abstract
Session Initial Protocol (SIP) has been widely adopted for signaling and controlling interactive sessions in multimedia communication networks. Despite its various advantages compared to predecessor protocols, the security and privacy of the SIP remain challenges due to the risk of real-world public networks. While most SIP applications utilize end-to-end communications, existing studies mainly focus on client-server protocols. In this study, we propose a novel SIP authenticated key agreement protocol for all user-server, user-user, and group communications. An end user employs a short-term token to communicate with either end-users or multimedia servers without connecting to a trusted server. Our security analyzes show that the scheme not only resists all known attacks, but provides the system with many desirable features, including direct end-to-end communications, preserving biometric template privacy, user access control, smart card revocation, and long-term secret updates. The latency of the authenticated key agreement phase is relatively small, and thus this signaling protocol is appropriate for a wide range of real-time applications.
Similar content being viewed by others
References
Arshad H, Nikooghadam M (2014) Three-factor anonymous authentication and key agreement scheme for telecare medicine information systems. J Med Syst 38(12):136
Arshad H, Nikooghadam M (2015) Security analysis and improvement of two authentication and key agreement schemes for session initiation protocol. J Supercomput 71(8):3163–3180
Arshad H, Nikooghadam M (2016) An efficient and secure authentication and key agreement scheme for session initiation protocol using ecc. Multimed Tools Appl 75(1):181–197
Barker E (2016) Recommendation for key management part 1: General (revision 4). NIST Spec Publ 800(57):1–147
Butcher D, Li X, Guo J (2007) Security challenge and defense in VoIP infrastructures. IEEE Trans Syst Man Cybern Part C (Appl Rev) 37(6):1152–1162
Chaudhry SA, Naqvi H, Sher M, Farash MS, Hassan MU (2015) An improved and provably secure privacy preserving authentication protocol for SIP. Peer-to-Peer Networking and Applications, pp 1–15. https://doi.org/10.1007/s12083-015-0400-9
Das AK, Bruhadeshwar B (2013) An improved and effective secure password-based authentication and key agreement scheme using smart cards for the telecare medicine information system. J Med Syst 37(5):1–17
Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198– 208
Eckhoff D, Wagner I (2017) Privacy in the smart city–applications, technologies, challenges and solutions. IEEE Communications Surveys & Tutorials. https://doi.org/10.1109/COMST.2017.2748998
Farash MS, Attari MA (2014) An anonymous and untraceable password-based authentication scheme for session initiation protocol using smart cards. International Journal of Communication Systems
Farash MS (2016) Security analysis and enhancements of an improved authentication for session initiation protocol with provable security. Peer-to-Peer Netw Appl 9(1):82–91
Farash MS, Kumari S, Bakhtiari M (2016) Cryptanalysis and improvement of a robust smart card secured authentication scheme on SIP using elliptic curve cryptography. Multimed Tools Appl 75(8):4485–4504
Franks J, Hallam-Baker P, Hostetler J, Lawrence S, Leach P, Luotonen A, Stewart L (1999) HTTP authentication: Basic and digest access authentication. Technical report IETF
Geneiatakis D, Dagiuklas T, Kambourakis G, Lambrinoudakis C, Gritzalis S, Ehlert S, Sisalem D et al (2006) Survey of security vulnerabilities in session initiation protocol. IEEE Commun Surv Tutorials 8(1-4):68–81
Handley M, Schulzrinne H, Schooler E, Rosenberg J (1999) SIP: session initiation protocol. Technical report IETF
Irshad A, Sher M, Faisal MS, Ghani A, Ul Hassan M, Ashraf Ch S (2014) A secure authentication scheme for session initiation protocol by using ECC on the basis of the tang and liu scheme. Secur Commun Netw 7(8):1210–1218
Irshad A, Sher M, Rehman E, Ch SA, Hassan MU, Ghani A (2015) A single round-trip SIP authentication scheme for voice over internet protocol using smart card. Multimed Tools Appl 74(11):3967–3984
Islam SH (2015) Design and analysis of a three party password-based authenticated key exchange protocol using extended chaotic maps. Inf Sci 312:104–130
Jain AK, Nandakumar K, Nagar A (2008) Biometric template security. EURASIP J Adv Signal Process 2008:113
Jiang Q, Ma J, Tian Y (2015) Cryptanalysis of smart-card-based password authenticated key agreement protocol for session initiation protocol of zhang others. Int J Commun Syst 28(7):1340–1351
Keromytis AD (2012) A comprehensive survey of voice over ip security research. IEEE Commun Surv Tutorials 14(2):514–537
Kumari S, Chaudhry SA, Wu F, Li X, Farash MS, Khan MK (2015) An improved smart card based authentication scheme for session initiation protocol. Peer-to-Peer Networking and Applications, pp 1–14. https://doi.org/10.1007/s12083-015-0409-0
Leng L, Zhang J (2013) Palmhash code vs. palmphasor code. Neurocomputing 108:1–12
Leng L, Teoh ABJ, Li M, Khan MK (2014) Analysis of correlation of 2dpalmhash code and orientation range suitable for transposition. Neurocomputing 131:377–387
Leng L, Teoh ABJ, Li M, Khan MK (2014) A remote cancelable palmprint authentication protocol based on multi-directional two-dimensional PalmPhasor-fusion. Secur Commun Netw 7(11):1860–1871
Leng L, Teoh ABJ (2015) Alignment-free row-co-occurrence cancelable palmprint fuzzy vault. Pattern Recogn 48(7):2290–2303
Leng L, Teoh ABJ, Li M, Khan MK (2015) Orientation range of transposition for vertical correlation suppression of 2dpalmphasor code. Multimed Tools Appl 74 (24):11,683–11,701
Leng L, Teoh ABJ, Li M (2017) Simplified 2DPalmHash code for secure palmprint verification. Multimed Tools Appl 76(6):8373–8398
Li Y, Li X, Liu X (2017) A fast and efficient hash function based on generalized chaotic mapping with variable parameters. Neural Comput Appl 28(6):1405–1415
Liao YP, Wang SS (2010) A new secure password authenticated key agreement scheme for SIP using self-certified public keys on elliptic curves. Comput Commun 33 (3):372–380
Liu Y, Nie L, Liu L, Rosenblum DS (2016) From action to activity: Sensor-based activity recognition. Neurocomputing 181:108–115
Liu Y, Zheng Y, Liang Y, Liu S, Rosenblum DS (2016) Urban water quality prediction based on multi-task multi-view learning. In: Proceedings of the Twenty-Fifth International Joint Conference on Artificial Intelligence, IJCAI’16. AAAI Press, pp 2576–2582
Lu Y, Li L, Yang Y (2015) Robust and efficient authentication scheme for session initiation protocol. Math Probl Eng 2015:1–9
Lu Y, Li L, Peng H, Yang Y (2016) A secure and efficient mutual authentication scheme for session initiation protocol. Peer-to-Peer Netw Appl 9(2):449–459
Meng F, Fu G, Butler D (2017) Cost-effective river water quality management using integrated real-time control technology. Environ Sci Technol 51(17):9876–9886
Mishkovski I, Kocarev L (2011) Chaos-based public-key cryptography. In: Chaos-Based Cryptography. Springer, pp 27–65
Mishra D, Das AK, Mukhopadhyay S (2016) A secure and efficient ECC-based user anonymity-preserving session initiation authentication protocol using smart card. Peer-to-peer Netw Appl 9(1):171–192
Mishra D, Das AK, Mukhopadhyay S, Wazid M (2016) A secure and robust smartcard-based authentication scheme for session initiation protocol using elliptic curve cryptography. Wirel Pers Commun 91(3):1361–1391
Okamoto T, Pointcheval D (2001) The gap-problems: A new class of problems for the security of cryptographic schemes. In: International Workshop on Public Key Cryptography. Springer, pp 104–118
Rosenberg J, Schulzrinne H, Camarillo G, Johnston A, Peterson J, Sparks R, Handley M, Schooler E (2002) SIP: session initiation protocol. Technical report IETF
Schulzrinne H, Wedlund E (2000) Application-layer mobility using SIP. In: Service Portability and Virtual Customer Environments, 2000 IEEE. IEEE, pp 29–36
Tu H, Kumar N, Chilamkurti N, Rho S (2015) An improved authentication protocol for session initiation protocol using smart card. Peer-to-Peer Netw Appl 8 (5):903–910
Wang CH, Liu Y (2011) A dependable privacy protection for end-to-end VoIP via Elliptic-Curve Diffie-Hellman and dynamic key changes. J Netw Comput Appl 34 (5):1545–1556
Wu L, Zhang Y, Wang F (2009) A new provably secure authentication and key agreement protocol for SIP using ECC. Comput Stand Interfaces 31(2):286–291
Wu K, Gong P, Wang J, Yan X, Li P (2013) An improved authentication protocol for session initiation protocol using smart card and elliptic curve cryptography. Rom J Inf Sci Technol 16(4):324–335
Wu F, Xu L, Kumari S, Li X (2016) An improved and provably secure three-factor user authentication scheme for wireless sensor networks. Peer-to-Peer Networking and Applications, pp 1–20
Xie Q, Tang Z (2016) Biometrics based authentication scheme for session initiation protocol. SpringerPlus 5(1):1045
Yang CC, Wang RC, Liu WT (2005) Secure authentication scheme for session initiation protocol. Comput Secur 24(5):381–386
Yeh HL, Chen TH, Shih WK (2014) Robust smart card secured authentication scheme on SIP using elliptic curve cryptography. Comput Stand Interfaces 36(2):397–402
Yoon EJ, Yoo KY (2009) A new authentication scheme for session initiation protocol. CISIS 9:549–554
Zhang L, Tang S, Cai Z (2014) Efficient and flexible password authenticated key agreement for voice over internet protocol session initiation protocol using smart card. Int J Commun Syst 27(11):2691–2702
Zhang L, Tang S, Cai Z (2014) Robust and efficient password authenticated key agreement with user anonymity for session initiation protocol-based communications. IET Commun 8(1):83–91
Zhang Z, Qi Q, Kumar N, Chilamkurti N, Jeong HY (2015) A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography. Multimed Tools Appl 74(10):3477–3488
Zhang L, Tang S, Zhu S (2016) An energy efficient authenticated key agreement protocol for SIP-based green VoIP networks. J Netw Comput Appl 59:126–133
Zhang L, Tang S, Zhu S (2016) A lightweight privacy preserving authenticated key agreement protocol for SIP-based VoIP. Peer-to-Peer Netw Appl 9(1):108–126
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Nguyen, NT., Chang, CC. A biometric-based authenticated key agreement scheme for session initiation protocol in ip-based multimedia networks. Multimed Tools Appl 77, 23909–23947 (2018). https://doi.org/10.1007/s11042-018-5708-z
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11042-018-5708-z