Skip to main content
SpringerLink
Log in

A provably secure anonymous mutual authentication scheme with key agreement for SIP using ECC

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

Abstract

Recently, Lu et al. and Chaudhry et al. presented an authenticated key agreement scheme for session initiation protocol (SIP), respectively. They illustrated their schemes are secure against various familiar attacks. However, we demonstrate Lu et al.’s scheme is vulnerable to stolen verifier attack and Chaudhry et al.’s scheme is insecure to session key attack. To solve these problems, we propose a new provably secure mutual authentication scheme for SIP. Informal security analysis illustrates this proposed protocol can withstand different kinds of familiar attacks including stolen verifier attack and session key attack. And the correctness and security of the proposed protocol is also proved through Protocol Composition Logic (PCL) and generic group model. Eventually, security comparison shows our proposed scheme is more secure and performance analysis demonstrates the computation cost is also acceptable.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Arkko J, Torvinen V, Camarillo G, Niemi A, Haukka T (2003) Security mechanism agreement for the session initiation protocol (sip). Cognitiva 12(1):37–61

    Google Scholar 

  2. Arshad R, Ikram N (2013) Elliptic curve cryptography based mutual authentication scheme for session initiation protocol. Multimed Tools Appl 66(2):165–178

    Article  Google Scholar 

  3. Cao X, Zhong S (2006) Breaking a remote user authentication scheme for multi-server architecture. IEEE Commun Lett 10(8):580–581

    Article  Google Scholar 

  4. Chatterjee S, Das AK, Sing JK (2014) An enhanced access control scheme in wireless sensor networks. Ad Hoc & Sensor Wireless Netw 21(1):121–149

    Google Scholar 

  5. Chaudhry SA, Khan I, Irshad A, Ashraf MU, Khan MK, Ahmad HF (2016) A provably secure anonymous authentication scheme for session initiation protocol. Secur Commun Netw

  6. Chaudhry SA, Naqvi H, Sher M, Farash MS, Hassan MU (2015) An improved and provably secure privacy preserving authentication protocol for sip. Peer-to-Peer Network Appl 1–15

  7. Chen T, Yeh H, Liu P, Hsiang H, Shih W (2010) A secured authentication protocol for sip using elliptic curves cryptography. Commun Comput Inf Sci 119:46–55

    Google Scholar 

  8. Denning DE, Sacco GM (1981) Timestamps in key distribution systems. Commun Acm 24(8):533–536

    Article  Google Scholar 

  9. Dolev D, Yao AC (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208

    Article  MathSciNet  MATH  Google Scholar 

  10. Durlanik A, Sogukpinar I (2005) Sip authentication scheme using ecdh. Screen 137:3367

    Google Scholar 

  11. Eisenbarth T, Kasper T, Moradi A, Paar C, Salmasizadeh M, Shalmani MT (2008) On the power of power analysis in the real world: A complete break of the keeloq code hopping scheme. In: Conference on cryptology: Advances in cryptology, pp 203–220

  12. Farash MS, Attari MA (2013) An enhanced authenticated key agreement for session initiation protocol. Inf Technol Control 42(4):333–342

    Google Scholar 

  13. Franks J, Hallam-Baker P, Hostetler J, Lawrence S, Leach P, Luotonen A, Stewart L (1999) Rfc 2617: Http authentication: Basic and digest access authentication. In: Ietf Rfc

  14. Gokhroo MK, Jaidhar CD, Tomar AS (2011) Cryptanalysis of sip secure and efficient authentication scheme. In: IEEE International conference on communication software and networks, pp 308–310

  15. He D, Chen J, Chen Y (2012) A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography. Secur Commun Netw 5(12):1423–1429

    Article  Google Scholar 

  16. Jia LT (2009) Efficient nonce-based authentication scheme for session initiation protocol. Int J Netw Secur 8 (1):12–16

    Google Scholar 

  17. Hakan Kilinc H, Yanik Tugrul (2014) A survey of sip authentication and key agreement schemes. IEEE Commun Surv Tutor 16(2):1005–1023

    Article  Google Scholar 

  18. Yi PL, Wang SS (2010) A new secure password authenticated key agreement scheme for sip using self-certified public keys on elliptic curves. Comput Commun 33(3):372–380

    Article  MathSciNet  Google Scholar 

  19. Lin CL, Hwang T (2003) A password authentication scheme with secure password updating. Comput Secur 22(1):68–72

    Article  Google Scholar 

  20. Yanrong L, Li L, Peng H, Yang Y (2016) A secure and efficient mutual authentication scheme for session initiation protocol. Peer-to-Peer Network Appl 9(2):1–11

    Google Scholar 

  21. Mitchell JC, Datta A (2005) Security analysis of network protocols: Compositional reasoning and complexity-theoretic foundations. pp 468–483

  22. Odelu V, Das AK, Goswami A (2014) A secure effective key management scheme for dynamic access control in a large leaf class hierarchy. Inform Sci 269(4):270–285

    Article  MathSciNet  MATH  Google Scholar 

  23. Pu Q (2010) Weaknesses of sip authentication scheme for converged voip networks. Iacr Cryptology Eprint Archive

  24. Salsano S, Veltri L, Papalilo D (2002) SIP security issues: The SIP authentication procedure and its processing load. IEEE Press

  25. Stinson DR (2006) Some observations on the theory of cryptographic hash functions. Des Codes Crypt 38 (2):259–277

    Article  MathSciNet  MATH  Google Scholar 

  26. Thomas M et al (2001) Sip security requirements. IETF Intemet dren (draftthomas-sip-sec-reg’OO txt)

  27. Vanstone A (1997) Elliptic curve cryptosystem — the answer to strong, fast public-key cryptography for securing constrained environments. Inf Secur Tech Rep 2(2):78–87

    Article  Google Scholar 

  28. Liufei W, Zhang Y, Wang F (2009) A new provably secure authentication and key agreement protocol for sip using ecc. Comput Standards Interf 31(2):286–291

    Article  Google Scholar 

  29. Xie Q (2012) A new authenticated key agreement for session initiation protocol. Int J Commun Syst 25(1):47–54

    Article  Google Scholar 

  30. Yang CC, Wang RC, Liu WT (2005) Secure authentication scheme for session initiation protocol. Comput Secur 24(5):381–386

    Article  Google Scholar 

  31. Yoon EJ, Shin YN, Il SJ, Yoo KY (2010) Robust mutual authentication with a key agreement scheme for the session initiation protocol. Iete Tech Rev 27(3):203–213

    Article  Google Scholar 

  32. Yoon EJ, Yoo KY (2009) Cryptanalysis of ds-sip authentication scheme using ecdh. In: International conference on new trends in information and service science, pp 642–647

  33. Yoon EJ, Yoo KY, Kim C, Hong YS, Jo M, Chen HH (2010) A secure and efficient sip authentication scheme for converged voip networks. Comput Commun 33(14):1674–1681

    Article  Google Scholar 

  34. Zhang Z, Qi Q, Kumar N, Chilamkurti N, Jeong HYg (2015) A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography. Multimed Tools Appl 74(10):3477–3488

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Mathematics and Statistics, Wuhan University, Wuhan, Hubei, 430072, China

    Dongqing Xu, Shu Zhang, Jianhua Chen & Mimi Ma

Authors
  1. Dongqing Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shu Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jianhua Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Mimi Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dongqing Xu.

Ethics declarations

Conflict of interests

The authors declare that there is no conflict of interest regarding the publication of the paper.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Xu, D., Zhang, S., Chen, J. et al. A provably secure anonymous mutual authentication scheme with key agreement for SIP using ECC. Peer-to-Peer Netw. Appl. 11, 837–847 (2018). https://doi.org/10.1007/s12083-017-0583-3

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12083-017-0583-3

Keywords

Search

Navigation