short-paper

An Enhanced Anonymous Two-factor Mutual Authentication with Key-agreement Scheme for Session Initiation Protocol

Authors:

Alavalapati Goutham Reddy,

Ashok Kumar Das,

Kee-Young YooAuthors Info & Claims

SIN '16: Proceedings of the 9th International Conference on Security of Information and Networks

Pages 145 - 149

https://doi.org/10.1145/2947626.2947650

Published: 20 July 2016 Publication History

Abstract

A two-factor authenticated key-agreement scheme for session initiation protocol emerged as a best remedy to overcome the ascribed limitations of the password-based authentication scheme. Recently, Lu et al. proposed an anonymous two-factor authenticated key-agreement scheme for SIP using elliptic curve cryptography. They claimed that their scheme is secure against attacks and achieves user anonymity. Conversely, this paper's keen analysis points out several severe security weaknesses of the Lu et al.'s scheme. In addition, this paper puts forward an enhanced anonymous two-factor mutual authenticated key-agreement scheme for session initiation protocol using elliptic curve cryptography. The security analysis and performance analysis sections demonstrates that the proposed scheme is more robust and efficient than Lu et al.'s scheme.

References

[1]

Yang, C. C., Wang, R. C., & Liu, W. T. (2005). Secure authentication scheme for session initiation protocol. Computers & Security, 24(5), 381--386.

Digital Library

[2]

Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., Leach, P., Luotonen, A., & Stewart, L. (1999). HTTP authentication: Basic and digest access authentication. RFC 2617, Internet Engineering Task Force.

Digital Library

[3]

Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., & Schooler, E. (2002). SIP: session initiation protocol (Vol. 23). RFC 3261, Internet Engineering Task Force.

Digital Library

[4]

Arshad, H., & Nikooghadam, M. (2016). An efficient and secure authentication and key agreement scheme for session initiation protocol using ECC. Multimedia Tools and Applications, 75(1), 181--197.

Digital Library

[5]

He, D., Chen, J., & Chen, Y. (2012). A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography. Security and Communication Networks, 5(12), 1423--1429.

Digital Library

[6]

Irshad, A., Sher, M., Faisal, M. S., Ghani, A., Ul Hassan, M., & Ashraf Ch, S. (2014). A secure authentication scheme for session initiation protocol by using ECC on the basis of the Tang and Liu scheme. Security and Communication Networks, 7(8), 1210--1218.

Digital Library

[7]

Jiang, Q., Ma, J., & Tian, Y. (2015). Cryptanalysis of smart-card-based password authenticated key agreement protocol for session initiation protocol of Zhang et al. International Journal of Communication Systems,28(7), 1340--1351.

Digital Library

[8]

Lu, Y., Li, L., Peng, H., & Yang, Y. (2015). An anonymous two-factor authenticated key agreement scheme for session initiation protocol using elliptic curve cryptography. Multimedia Tools and Applications, 1--15.

[9]

Mishra, D., Das, A. K., & Mukhopadhyay, S. (2016). A secure and efficient ECC-based user anonymity-preserving session initiation authentication protocol using smart card. Peer-to-peer networking and applications, 9(1), 171--192.

[10]

Wang, F., & Zhang, Y. (2008). A new provably secure authentication and key agreement mechanism for SIP using certificate less public-key cryptography. Computer Communications, 31(10), 2142--2149.

Digital Library

[11]

Wu, L., Zhang, Y., & Wang, F. (2009). A new provably secure authentication and key agreement protocol for SIP using ECC. Computer Standards & Interfaces, 31(2), 286--291.

Digital Library

[12]

Yoon, E. J., Yoo, K. Y., Kim, C., Hong, Y. S., Jo, M., & Chen, H. H. (2010). A secure and efficient SIP authentication scheme for converged VoIP networks. Computer Communications, 33(14), 1674--1681.

Digital Library

[13]

Zhang, L., Tang, S., & Zhu, S. (2016). An energy efficient authenticated key agreement protocol for SIP-based green VoIP networks. Journal of Network and Computer Applications, 59, 126--133.

Digital Library

[14]

Kocher, P., Jaffe, J., & Jun, B. (1999, August). Differential power analysis. In Advances in Cryptology---CRYPTO'99 (pp. 388--397). Springer Berlin Heidelberg.

Digital Library

[15]

Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smart-card security under the threat of power analysis attacks. Computers, IEEE Transactions on, 51(5), 541--552.

Digital Library

Cited By

Meshram CLee CBahkali IImoize A(2023)An Efficient Fractional Chebyshev Chaotic Map-Based Three-Factor Session Initiation Protocol for the Human-Centered IoT ArchitectureMathematics10.3390/math1109208511:9(2085)Online publication date: 27-Apr-2023
https://doi.org/10.3390/math11092085
Choi Y(2018)Security Enhanced Anonymous Two Factor Mutual Authentication Scheme with Key AgreementJournal of Digital Contents Society10.9728/dcs.2018.19.12.241519:12(2415-2422)Online publication date: 31-Dec-2018
https://doi.org/10.9728/dcs.2018.19.12.2415
Haiyan XLifang W(2018)An Enhanced Smart Card and Biometrics-Based Authentication Scheme in Multi-server EnvironmentComplex, Intelligent, and Software Intensive Systems10.1007/978-3-319-93659-8_70(770-779)Online publication date: 19-Jun-2018
https://doi.org/10.1007/978-3-319-93659-8_70

An Enhanced Anonymous Two-factor Mutual Authentication with Key-agreement Scheme for Session Initiation Protocol
1. Security and privacy
  1. Security services

Recommendations

A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography

The session initiation protocol (SIP) is one of the most important protocols supporting multimedia services. With the wide spread of the internet, the security of SIP is becoming more and more important. In 2009, Tsai proposed an efficient ...
Elliptic curve cryptography based mutual authentication scheme for session initiation protocol

The Session Initiation Protocol (SIP) is the most widely used signaling protocol for controlling communication on the internet, establishing, maintaining, and terminating the sessions. The services that are enabled by SIP are equally applicable in the ...
A Secure and Robust Smartcard-Based Authentication Scheme for Session Initiation Protocol Using Elliptic Curve Cryptography

The session initiation protocol (SIP) is a signaling communications protocol, which is widely used for controlling multimedia communication sessions. Recently, Yeh et al. presented an ECC-based authenticated protocol for SIP to conquer various attacks ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

SIN '16: Proceedings of the 9th International Conference on Security of Information and Networks

July 2016

186 pages

ISBN:9781450347648

DOI:10.1145/2947626

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 20 July 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper
Research
Refereed limited

Funding Sources

BK21 Plus project (SW Human Resource Development Program for Supporting Smart Life)

Conference

SIN '16

SIN '16: 9th International Conference on Security of Information and Networks

July 20 - 22, 2016

NJ, Newark, USA

Acceptance Rates

SIN '16 Paper Acceptance Rate 12 of 46 submissions, 26%;

Overall Acceptance Rate 102 of 289 submissions, 35%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
140
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 02 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Meshram CLee CBahkali IImoize A(2023)An Efficient Fractional Chebyshev Chaotic Map-Based Three-Factor Session Initiation Protocol for the Human-Centered IoT ArchitectureMathematics10.3390/math1109208511:9(2085)Online publication date: 27-Apr-2023
https://doi.org/10.3390/math11092085
Choi Y(2018)Security Enhanced Anonymous Two Factor Mutual Authentication Scheme with Key AgreementJournal of Digital Contents Society10.9728/dcs.2018.19.12.241519:12(2415-2422)Online publication date: 31-Dec-2018
https://doi.org/10.9728/dcs.2018.19.12.2415
Haiyan XLifang W(2018)An Enhanced Smart Card and Biometrics-Based Authentication Scheme in Multi-server EnvironmentComplex, Intelligent, and Software Intensive Systems10.1007/978-3-319-93659-8_70(770-779)Online publication date: 19-Jun-2018
https://doi.org/10.1007/978-3-319-93659-8_70

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten