Mourade Azrour
ABSTRACT
Telephony over IP is a service that allows exchanging flux multimedia via internet; it is based on two types of protocols: signalling protocols and transport protocols. The most popular signalling protocol is Session Initiation Protocol (SIP). The authentication is the required security service recommended by SIP. To response to this issue, several protocols have been proposed. In this paper we have based on proposed authentication protocol based on chaotic maps to propose an efficient SIP authentication and key agreement protocol based on chaotic maps and using smart card. The security and performance analysis shows that our proposed protocol can resist to various attacks.
- M. Handley,H. Schulzrinne,E. Schooler, and J. Rosenberg. 1999. SIP: Session Initiation Protocol. (March 1999).Google Scholar
Digital Library
- J. Franks, P. Hallam-Baker, J. Hostetler, S. Lawrence,P. Leach, A. Luotonen, and L. Stewart. 1999. HTTP Authentication: Basic and Digest Access Authentication.. (June 1999).Google Scholar
- C.C.Yang, R.C Wang and W.T. Liu. 2005. Secure authentication scheme for session initiation protocol. Computers & Security. vol 24, (2005), 381--386. Google ScholarDigital Library
- W. Diffie, and M. Hellman. 1976. New directions in cryptology. IEEE Transaction on Information Theory. vol. 22, no. 6. (1976). Google ScholarDigital Library
- A. Durlanik and I. Sogukpinar. 2005. SIP Authentication Scheme using ECDH. World EnformatikaSocityTransations on Engineering Computing and Technology. Vol. 8. (2005), 350--353Google Scholar
- E.J. Yoon and K.Y. Yoo. 2009. Cryptanalysis of DS-SIP authentication scheme using ECDH". in 2009 International Conference on New Trends in Information and Service Science (2009), 642--647. Google ScholarDigital Library
- E.J. Yoon, K..Y. Yoo, C. Kim, Y.S. Hong, M. Jo, and H.H. Chen. 2010. A secure and efficient SIP authentication scheme for converged VoIP networks. Computer Communications. vol. 33, no. 14. (2010)1674--1681. Google ScholarDigital Library
- H. Huang,W.Wei, and G. E. Brown. 2006. A new efficient authentication scheme for session initiation protocol. in Proceedings of the 9th Joint Conference on Information Sciences (2006).Google Scholar
- H. Jo, Y. Lee,M. Kim, S. Kim, and D.Won. 2009. Of-line password guessing attack to Yang's and Huang's authentication schemes for session initiation protocol. in Proceedings of the 5th International Joint Conference on INC, IMS and IDC (NCM '09). (August 2009), 618--621. Google ScholarDigital Library
- L.Wu, Y. Zhang, and F. Wang. 2009. A new provably secure authentication and key agreement protocol for SIP using ECC. Computer Standards and Interfaces. 31, 2. (2009)286--291. Google ScholarDigital Library
- E.J. Yoon, and K.Y. Yoo. 2009. A new authentication scheme for session initiation protocol, in 2009 International Conference on Complex, Intelligent and Software Intensive Systems", CISIS '09 (2009), 549--554.Google ScholarCross Ref
- J. L. Tsai. Efficient nonce-based authentication scheme for session initiation protocol. International Journal of Network Security. vol. 8, no. 3. (May 2009), 312--316.Google Scholar
- R. Arshad, and N. Ikram. 2013. Elliptic curve cryptography based mutual authentication scheme for session imitation protocol. Multimedia Tools Appl. Vol. 66, No. 2. (2013), 165--178. Google ScholarDigital Library
- Q. Xie. 2012. A new authenticated key agreement for session initiation protocol; International Journal of Communication Systems. Vol. 25, No. 1. (2012), 47--54. Google ScholarDigital Library
- H. Tang, and X. Liu. 2013. Cryptanalysis of Arshad et al.'s ECC-based mutual authentication scheme for session initiation protocol. Multimedia Tools and Applications. Vol. 65, No. 3. (2013), 165--178. Google ScholarDigital Library
- Farash et al.. 2013. An Enhanced Authenticated Key Agreement for Session Initiation Protocol. INFORMATION TECHNOLOGY AND CONTROL. Vol.42, No. 4 (2013).Google Scholar
- Sadat et al. 2012. Proposed SecureSIP Authentication Scheme based on Elliptic Curve Cryptography. International Journal of Computer Applications. 58(8). (November 2012),25--30.Google ScholarCross Ref
- S. S. M. Nik and M. Shahrab. 2014. Mutual SIP Authentication Scheme Based on ECC. International Journal of Computer and Electrical Engineering. 6 (2). (April 2014).Google Scholar
- F. W. Liu, and H. Koenig. 2011. Cryptanalysis of a SIP authentication scheme. In: 12th IFIP TC6/TC11 International Conference, CMS 2011, Lecture Notes in Computer Science. Vol. 7025. (2011), 134--143. Google ScholarDigital Library
- N. Koblitz. 1987. Elliptic curve cryptosystems,. Mathematics of Computation. 48(177). (1987), 203--209.Google Scholar
- L. Zhang, S. Tang, and Z. Cai. 2013. Efficient and flexible passwordauthenticated key agreement for voice over internet protocolsession initiation protocol using smart card. International Journalof Communication Systems. 27(11),. (2013)2691--2702. Google ScholarDigital Library
- H. Tu, N. Kumar, N. Chilamkurti, and S. Rho. 2014. An improved authentication protocol for session initiation protocol using smart card. Peer-to-Peer Networking and Applications. 8(5). (2014), 903--910.Google ScholarCross Ref
- K. Wu, P. Gong, J. Wang, X. Yan, and P. Li. 2013. An Improved Authentication Protocol for Session Initiation Protocol Using Smart Card and Elliptic Curve Cryptography. ROMANIAN JOURNAL OF INFORMATION SCIENCE AND TECHNOLOGY. 16 (4). (2013), 324--335.Google Scholar
- A. Irshad, M. Sher, E. Rehman, ChS. Ashraf, MU. Hassan, and A. Ghani. 2013. A single round-trip SIP authentication scheme for voice over internet protocol using smart card. Multimed Tools. (Appl.2013). Google ScholarDigital Library
- L. Zhang, S. Tang, and Z. Cai. 2014. Cryptanalysis and improvement of password-authenticated key agree-ment for session initiation protocol using smart cards. Secur Commun (Netw. 2014)Google Scholar
- Q.Jiang, J. Ma, and Y. Tian. Cryptanalysis of smart-card-based password authenticated key agreement protocol for session initiation protocol of zhang et al. International Journal of Communication Systems. 28(7). (2014). Google ScholarDigital Library
- Wenxia Zhu, Jianhua Chen and Debiao He. 2015. Enhanced authentication protocol for session initiation protocol using smart card. Int. J. Electronic Security and Digital Forensics. 7 (4). (2015) Google ScholarDigital Library
- S. A. Chaudhry, K. Mahmood, H. Naqvi, and M. Sher. 2015. A secure authentication scheme for session initiation protocol based on elliptic curve cryptography. 2015 IEEE International Conference on Computer and Information Technology, Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing, Pervasive Intelligence and Computing.Google Scholar
- H.Lin, F. Wen, and C.Du. 2016. An anonymous and secure authentication and key agreement scheme for session initiation protocol. Multimed Tools Appl. (2016). Google ScholarDigital Library
- Azrour M, Farhaoui Y, Ouanan M. A server spoofing attack on Zhang et al. SIP authentication protocol. Int. J. Tomogr. Simul. 2017 Jul 18;30(3):47--58.Google Scholar
- Azrour M., Farhaoui Y., and Ouanan M. A New Secure SIP Authentication Scheme Based On Elliptic Curve Cryptography. International Conference on Information Technology and Communication Systems 2017. Springer International Publishing.Google Scholar
- Azrour M., Farhaoui Y. and Ouanan, M. 2017. A New Secure Authentication and Key Exchange Protocol for Session Initiation Protocol Using Smart Card. International Journal of Network Security. 19(6). (2017), 870--879.Google Scholar
- Azrour M., Ouanan M. and Farhaoui, Y. 2017. Survey of Detection SIP Malformed Messages. Indonesian Journal of Electrical Engineering and Computer Science. 7(2). (August 2017), 457--465Google Scholar
- Azrour M., Ouanan M., and Farhaoui, Y. 2016. SIP Authentication Protocols Based On Elliptic Curve Cryptography: Survey and comparison. Indonesian Journal of Electrical Engineering and Computer Science. 4(1). (2016), 231--239.Google ScholarCross Ref
- B. Liu and J. Peng. 2004 Nonlinear Dynamics (Beijing: High EducationPress) p. 13Google Scholar
- X. Wang and J. Zhao. 2010. An improved key agreement protocol based on chaos. Communications in Nonlinear Science and Numerical Simulation. 15(12). (2010), 4052--4057.Google ScholarCross Ref
- Niu YJ and Wang XY. 2010. An anonymous key agreement protocol based on chaotic maps. Commun Nonlinear Sci Numer Simul. 16. (2011), 1986--1992.Google Scholar
- Guo, C. and Chang, C.C. 2013. Chaotic maps-based password-authenticated key agreement using smart cards". Commun. Nonlinear Sci. Numer. Simul. 18(6). (2013), 1433--1440Google ScholarCross Ref
- T.Lee, C.Lin, C.Lin, and T. Hwang. Provably secure extended chaotic map-based three-party key agreement protocols using password authentication. Nonlinear Dyn.Google Scholar
- D. Xiao, X. Liao, and S. Deng. 2007. A novel key agreement protocol based on chaotic maps. Information Sciences. 177(4). 2007, 1136--1142. Google ScholarDigital Library
- S. J. Xu, X. B. Chen, R. Zhang, Y. X. Yang, and Y. C. Guo. 2012. An improved chaotic cryptosystem based on circular bit shift and XOR operations. Physics Letters A. 376(10). (2012), 1003--1010.Google ScholarCross Ref
- H. Zhu and Y. Zhang. 2017. An Improved Two-party Password-Authenticated Key Agreement Protocol with Privacy Protection Based on Chaotic Maps. International Journal of Network Security. 19(4). (July 2017), 481--491.Google Scholar
- Bergamo, P.,D'Arco, P.,De Santis,A., and Kocarev, L. 2005. Security of public-key cryptosystems based on chebyshev polynomials. IEEE Trans. Circuits Syst. I Regul. Pap. 52(7). (2005), 1382--1393.Google ScholarCross Ref
- L.H. Zhang. Cryptanalysis of the public key encryption based on multiple chaotic systems. Chaos Solitons Fract. 37. (2008), 669--674.Google Scholar
- H. F. Zhu. 2016. Sustained and authenticated of a universal construction for multiple key agreement based on chaotic maps with privacy preserving. Journal of Internet Technology. 17(5). (2016), 1--10.Google Scholar
- Farash, M.. 2014. Security analysis and enhancements of an improved authentication for session initiation protocol with provable security. Peer-to-Peer Networking and Applications. (2014),1--10.Google Scholar
- H. Arshad, M. Nikooghadam. 2014. An efficient and secure authentication and key agreement scheme for session initiation protocol using ECC. Multimed Tools Appl. 201. Google ScholarDigital Library
Index Terms
- A New Efficient SIP Authentication and Key Agreement Protocol Based on Chaotic Maps and Using Smart Card
Recommendations
Cryptanalysis of smart-card-based password authenticated key agreement protocol for session initiation protocol of Zhang et al.
As the core signaling protocol for multimedia services, such as voice over internet protocol, the session initiation protocol SIP is receiving much attention and its security is becoming increasingly important. It is critical to develop a roust user ...
Communication-efficient three-party protocols for authentication and key agreement
Encrypted key exchange (EKE) authentication approaches are very important for secure communicating over public networks. In order to solve the security weaknesses three-party EKE, Yeh et al. [H.T. Yeh, H.M. Sun, T. Hwang, Efficient three-party ...
A Novel Chaotic Maps-Based User Authentication and Key Agreement Protocol for Multi-server Environments with Provable Security
The widespread popularity of the computer networks has triggered concerns about information security. Password-based user authentication with key agreement protocols have drawn attentions since it provides proper authentication of a user before granting ...
Comments