Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
Springer Nature Link
Log in

Perfect forward secrecy via an ECC-based authentication scheme for SIP in VoIP

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

With the advent of the internet, Voice over Internet Protocol (VoIP) has obtained a considerable amount of attention due to its low cost, and ease of implementation. Similar to other emerging technologies, VoIP faces several challenges, including security in terms of confidentiality, integrity, and authenticity. Specifically, there is a need for secure and efficient authentication and key agreement scheme to address the security requirements of communications over VoIP networks. Recently, Ravanbakhsh et al. have presented an authentication and key agreement protocol for VoIP networks. Here, in this article, we first prove that Ravanbakhsh et al.’s scheme cannot provide perfect forward secrecy. Next, we present an elliptic curve cryptography-based secure two-factor authentication and key agreement scheme. We analyze the security of the proposed scheme informally, and demonstrate that the proposed scheme can provide different security features, including perfect forward secrecy, and is robust against security attacks such as the impersonation attack, the replay attack, and the stolen-verifier attack. Furthermore, we simulate the protocol and analyze its security formally using Scyther tool. The results show its robustness against different attacks, and its ability to provide perfect forward secrecy. We compare the computation cost of the proposed scheme with the related schemes. Results show that the proposed scheme achieves a satisfiable performance comparable to other ECC-based methods.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. Zhang L, Tang S, Zhu S (2016) An energy efficient authenticated key agreement protocol for SIP-based green VoIP networks. J Netw Comput Appl 59:126–133

    Article  Google Scholar 

  2. Franks J, Hallam-Baker P, Hostetler J, Lawrence S, Leach P, Luotonen A, Stewart L (1999) HTTP authentication: basic and digest access authentication. Internet RFC 2617

  3. Butcher D, Li X, Guo J (2007) Security challenge and defense in VoIP infrastructures. IEEE Trans Syst Man Cybern Part C (Appl Rev) 37(6):1152–1162

    Article  Google Scholar 

  4. Lu Y, Li L, Peng H, Yang Y (2016) A secure and efficient mutual authentication scheme for session initiation protocol. Peer-to-Peer Netw Appl 9(2):449–459

    Article  Google Scholar 

  5. Yang CC, Wang RC, Liu WT (2005) Secure authentication scheme for session initiation protocol. Comput Secur 24(5):381–386

    Article  Google Scholar 

  6. Farash MS (2016) Security analysis and enhancements of an improved authentication for session initiation protocol with provable security. Peer-to-Peer Netw Appl 9(1):82–91

    Article  Google Scholar 

  7. Amin R, Islam SH, Biswas GP, Khan MK, Obaidat MS (2015) Design and analysis of an enhanced patient-server mutual authentication protocol for telecare medical information system. J Med Syst 39(11):137

    Article  Google Scholar 

  8. Chaudhry SA, Naqvi H, Sher M, Farash MS, Hassan MU (2017) An improved and provably secure privacy preserving authentication protocol for sip. Peer-to-Peer Netw Appl 10(1):1–15

    Article  Google Scholar 

  9. Sourav S, Odelu V, Prasath R (2019) Enhanced Session Initiation Protocols for Emergency Healthcare Applications. In: Thampi S, Madria S, Wang G, Rawat D, Alcaraz Calero J (eds) Security in Computing and Communications, vol 969. SSCC 2018. Communications in Computer and Information Science

  10. Durlanik A, Sogukpinar I (2005) SIP authentication scheme using ECDH. Screen 137:3367

    Google Scholar 

  11. Yoon EJ, Yoo KY, Kim C, Hong YS, Jo M, Chen HH (2010) A secure and efficient SIP authentication scheme for converged VoIP networks. Comput Commun 33(14):1674–1681

    Article  Google Scholar 

  12. Arshad R, Ikram N (2013) Elliptic curve cryptography based mutual authentication scheme for session initiation protocol. Multimed Tools Appl 6(2):165–178

    Article  Google Scholar 

  13. Tsai JL (2009) Efficient nonce-based authentication scheme for session initiation protocol. IJ Netw Secur 9(1):12–16

    Google Scholar 

  14. Pu Q, Wang J, Wu S (2013) Secure SIP authentication scheme supporting lawful interception. Secur Commun Netw 6(3):340–350

    Article  Google Scholar 

  15. Zhang L, Tang S, Cai Z (2014) Efficient and flexible password authenticated key agreement for Voice over Internet Protocol Session Initiation Protocol using smart card. Int J Commun Syst. 7(11):2691–2702

    Google Scholar 

  16. Zhang L, Tang S, Cai Z (2014) Cryptanalysis and improvement of password-authenticated key agreement for session initiation protocol using smart cards. Secur Commun Netw 7(12):2405–2411

    Article  Google Scholar 

  17. Jiang Q, Ma J, Tian Y (2015) Cryptanalysis of smart-card-based password authenticated key agreement protocol for session initiation protocol of Zhang et al. Int J Commun Syst 28(7):1340–1351

    Article  Google Scholar 

  18. Arshad H, Nikooghadam M (2015) Security analysis and improvement of two authentication and key agreement schemes for session initiation protocol. J Supercomput 71(8):3163–3180

    Article  Google Scholar 

  19. Irshad A, Sher M, Rehman E, Ch SA, Hassan MU, Ghani A (2015) A single round-trip sip authentication scheme for voice over internet protocol using smart card. Multimed Tools Appl 74(11):3967–3984

    Article  Google Scholar 

  20. Arshad H, Nikooghadam M (2016) An efficient and secure authentication and key agreement scheme for session initiation protocol using ECC. Multimed Tools Appl 75(1):181–197

    Article  Google Scholar 

  21. Tu H, Kumar N, Chilamkurti N, Rho S (2015) An improved authentication protocol for session initiation protocol using smart card. Peer-to-Peer Netw Appl 8(5):903–910

    Article  Google Scholar 

  22. Farash MS, Attari MA (2016) An anonymous and untraceable password-based authentication scheme for session initiation protocol using smart cards. Int J Commun Syst 29(13):1956–1967

    Article  Google Scholar 

  23. Mishra D, Das AK, Mukhopadhyay S (2016) A secure and efficient ECC-based user anonymity preserving session initiation authentication protocol using smart card. Peer-to-peer Netw Appl 9(1):171–192

    Article  Google Scholar 

  24. Lu Y, Li L, Peng H, Yang Y (2017) An anonymous two-factor authenticated key agreement scheme for session initiation protocol using elliptic curve cryptography. Multimed Tools Appl 76(2):1801–1815

    Article  Google Scholar 

  25. Zhang L, Tang S, Zhu S (2017) Privacy-preserving authenticated key agreement scheme basedon biometrics for session initiation protocol. Wirel Netw 23(6):1901–1916

    Article  Google Scholar 

  26. Irshad A, Chaudhry SA, Kumari S, Usman M, Mahmood K, Faisal MS (2017) An improved lightweight multi-server authentication scheme. Int J Commun Syst 30:e3351

    Article  Google Scholar 

  27. Zhang Z, Qi Q, Kumar N, Chilamkurti N, Jeong HY (2015) A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography. Multimed Tools Appl 74(10):3477–3488

    Article  Google Scholar 

  28. Nikooghadam M, Jahantigh R, Arshad H (2017) A lightweight authentication and key agreement protocolpreserving user anonymity. Multimed Tools Appl 76(11):13401–13423

    Article  Google Scholar 

  29. Sureshkumar V, Amin R, Anitha R (2018) A robust mutual authentication scheme for session initiation protocol with key establishment. Peer-toPeer Netw Appl 11(5):900–916

    Article  Google Scholar 

  30. Ravanbakhsh N, Mohammadi M, Nikooghadam M (2018) Perfect forward secrecy in VoIP networks through design a lightweight and secure authenticated communication scheme. Multimed Tools Appl 78:11129–11153

    Article  Google Scholar 

  31. Chaudhry SA, Farash MS, Naqvi H, Kumari S, Khan MK (2015) An enhanced privacy preserving remote user authentication scheme with provable security. Secur Commun Netw 8(18):3782–3795

    Article  Google Scholar 

  32. Cremers C (2006) Scyther, Semantics and Verification of Security Protocols. Ph.D. dissertation, Eindhoven University of Technology

  33. Xu L, Wu F (2015) Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care. J Med Syst 39:10

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Faculty of Engineering, Ferdowsi University of Mashhad, Mashhad, Iran

    Mahdi Nikooghadam & Haleh Amintoosi

Authors
  1. Mahdi Nikooghadam
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Haleh Amintoosi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Haleh Amintoosi.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Nikooghadam, M., Amintoosi, H. Perfect forward secrecy via an ECC-based authentication scheme for SIP in VoIP. J Supercomput 76, 3086–3104 (2020). https://doi.org/10.1007/s11227-019-03086-z

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-019-03086-z

Keywords

Search

Navigation