A robust mutual authentication with a key agreement scheme for session initiation protocol

Chien Ming Chen, Bin Xiang, King Hang Wang, Kuo Hui Yeh, Tsu Yang Wu*

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

36 Scopus citations

Abstract

Session initiation protocol (SIP) is the most widely used application layer control protocol for creating, modifying, and terminating session processes. Many authentication schemes have been proposed for SIP aimed at providing secure communication. Recently, a new authentication and key agreement scheme for SIP has been proposed, and it was claimed that it could resist a variety of attacks. However, in this paper, we show that this scheme is vulnerable to an offline password guessing attack and a stolen memory device attack. Furthermore, we show that it lacks the verification mechanism for a wrong password, and that the password updating process is not efficient. To mitigate the flaws and inefficiencies of this scheme, we design a new robust mutual authentication with a key agreement scheme for SIP. A security analysis revealed that our proposed scheme was robust to several kinds of attacks. In addition, the proposed scheme was simulated by the automatic cryptographic protocol tool ProVerif. A performance analysis showed that our proposed scheme was superior to other related schemes.

Original languageEnglish
Article number1789
JournalApplied Sciences (Switzerland)
Volume8
Issue number10
DOIs
StatePublished - 1 Oct 2018

Keywords

  • Cryptanalysis
  • Key agreement
  • Mutual authentication
  • SIP

Fingerprint

Dive into the research topics of 'A robust mutual authentication with a key agreement scheme for session initiation protocol'. Together they form a unique fingerprint.

Cite this