scholarly journals Robust and Efficient Authentication Scheme for Session Initiation Protocol

2015 ◽  
Vol 2015 ◽  
pp. 1-9 ◽  
Author(s):  
Yanrong Lu ◽  
Lixiang Li ◽  
Yixian Yang
Keyword(s):  
Performance Analysis ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Session Initiation Protocol ◽  
Authentication Scheme ◽  
Application Layer ◽  
Crucial Issue ◽  
Authentication And Key Agreement ◽  
Authentication Schemes ◽  
Key Compromise Impersonation

The session initiation protocol (SIP) is a powerful application-layer protocol which is used as a signaling one for establishing, modifying, and terminating sessions among participants. Authentication is becoming an increasingly crucial issue when a user asks to access SIP services. Hitherto, many authentication schemes have been proposed to enhance the security of SIP. In 2014, Arshad and Nikooghadam proposed an enhanced authentication and key agreement scheme for SIP and claimed that their scheme could withstand various attacks. However, in this paper, we show that Arshad and Nikooghadam’s authentication scheme is still susceptible to key-compromise impersonation and trace attacks and does not provide proper mutual authentication. To conquer the flaws, we propose a secure and efficient ECC-based authentication scheme for SIP. Through the informal and formal security analyses, we demonstrate that our scheme is resilient to possible known attacks including the attacks found in Arshad et al.’s scheme. In addition, the performance analysis shows that our scheme has similar or better efficiency in comparison with other existing ECC-based authentication schemes for SIP.

scholarly journals Improvement of a Security Enhanced One-time Mutual Authentication and Key Agreement Scheme

2019 ◽  
Vol 8 (12) ◽  
pp. 5031-5036
Keyword(s):  
Smart Card ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Authentication Scheme ◽  
Authentication And Key Agreement ◽  
Password Guessing Attack ◽  
Authentication Schemes ◽  
One Time Password ◽  
Guessing Attack ◽  
Password Based Authentication

So far, many one-time password based authentication schemes have been proposed; however, none is secure enough. In 2004, W.C.Ku proposed hash-based strongpassword based authentication scheme without using smart card that is vulnerable to the password guessing attack, not achieving mutual authentication and key agreement. In this paper, we propose a new improved version of Ku’s scheme that is eliminated these weaknesses.

Generalized Elliptic Curve Digital Signature Chain Based Authentication and Key Agreement Scheme

2010 ◽  
Vol 108-111 ◽  
pp. 1503-1508
Author(s):  
Li Hua Zhang ◽  
Li Ping Zhang ◽  
Er Fei Bai
Keyword(s):  
Elliptic Curve ◽  
Digital Signature ◽  
Key Agreement ◽  
Clock Synchronization ◽  
Mutual Authentication ◽  
Password Authentication ◽  
Authentication And Key Agreement ◽  
Insider Attack ◽  
Authentication Schemes ◽  
One Time Password

Recently, several one time password authentication schemes have been proposed. However, most one-time password authentication schemes have security flaws. In this paper, a novel one-time password authentication and key agreement scheme (EAKAS) based on elliptic curve digital signature chain is developed. The proposed scheme has the following merits password or verification table is not required in the server; users can choose or change password; it can resist off-line dictionary attacks and achieves mutual authentication; it has no system clock synchronization and no constraint of transmission delay; it can resist replay attacks, man-in-the-middle attack and insider attack; it is sensitive to password error and strong in security restoration; the session keys in proposed scheme have the feature of freshness, confidentiality, known key security and forward security. Compared with the related schemes, our proposed scheme has better security and well suited to scenarios requiring a high level security.

scholarly journals An Anonymous and Efficient ECC-Based Authentication Scheme for SIP

2020 ◽  
Vol 2020 ◽  
pp. 1-11
Author(s):  
Yousheng Zhou ◽  
Xinyun Chen
Keyword(s):  
Performance Analysis ◽  
Elliptic Curve ◽  
Elliptic Curve Cryptography ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Impersonation Attack ◽  
Authentication Schemes ◽  
And Performance ◽  
Secure Authentication ◽  
Key Compromise Impersonation

Session initiation protocol (SIP), a widely used signal protocol for controlling multimedia communication sessions, is under numerous attacks when performing the authentication steps between the user and server. So secure authentication schemes are needed to be presented for SIP. Recently, Arshad et al. advanced novel schemes for SIP using elliptic curve cryptography (ECC) and claimed their schemes can resist various attacks. However, Lu et al. found that Arshad et al.’s scheme cannot resist trace and key-compromise impersonation attacks; hence, it cannot provide proper mutual authentication. Meanwhile, an enhanced scheme was advanced by Lu et al. and they stated that their scheme can stand up to possible known attacks. Nevertheless, in this paper, we conclude that Arshad and Nikooghadam’s scheme is insecure against impersonation attack and Lu et al.’s scheme is still vulnerable to impersonation attack. To overcome these weaknesses of their schemes, we present a novel anonymous ECC-based scheme for SIP. Security analysis and performance analysis show that our proposed scheme can resist various known attacks and efficient in the meantime.

scholarly journals SIP Issues and Challenges – A Scalable Three Factor Authentication Scheme

2020 ◽  
Vol 39 (2) ◽  
pp. 287-309
Author(s):  
Saeed Ullah Jan ◽  
Fawad Qayum ◽  
Ajab Khan
Keyword(s):  
Key Agreement ◽  
Software Verification ◽  
Mutual Authentication ◽  
Authentication Scheme ◽  
The Other ◽  
End User ◽  
Signaling Protocol ◽  
Authentication And Key Agreement ◽  
Delicate Balance ◽  
Three Factor

The SIP (Session Initiation Protocol) is an application and presentation layer signaling protocol used for initiating, continuing and terminating multimedia session for the end user. It gains much attention of the researchers because it is exposed to several threats and noticed challenging vulnerabilities from time to time. Consequently, the security of SIP is a crucial task and many efforts have been made by different researchers and tried to divert the attention towards its solution. But still, no one claims with conviction about a foolproof secure mechanism for SIP. As users extensively use SIP services, the mutual authentication and key agreement among the participants is an important issue. So, robust authentication and key agreement scheme are mandatory for enhancing security, legitimacy and better complexities. Therefore, we present an improved three-factor authentication scheme that caters all the weakness and known attacks in Mishra et al. scheme. The proposed scheme not only guarantees for security but performance can also be made lightweight. As performance and security contradict each other, the change in one inversely affects the other. The proposed scheme has been analyzed both formally using BAN (Burrows-Abadi-Needham) logic and ProVerif1.93 software verification toolkit, and informally using assumptions which show a delicate balance of security with performance.

scholarly journals A Robust Mutual Authentication with a Key Agreement Scheme for Session Initiation Protocol

2018 ◽  
Vol 8 (10) ◽  
pp. 1789 ◽  
Author(s):  
Chien-Ming Chen ◽  
Bin Xiang ◽  
King-Hang Wang ◽  
Kuo-Hui Yeh ◽  
Tsu-Yang Wu
Keyword(s):  
Secure Communication ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Memory Device ◽  
Session Initiation Protocol ◽  
Application Layer ◽  
Password Guessing Attack ◽  
Guessing Attack ◽  
Layer Control

Session initiation protocol (SIP) is the most widely used application layer control protocol for creating, modifying, and terminating session processes. Many authentication schemes have been proposed for SIP aimed at providing secure communication. Recently, a new authentication and key agreement scheme for SIP has been proposed, and it was claimed that it could resist a variety of attacks. However, in this paper, we show that this scheme is vulnerable to an offline password guessing attack and a stolen memory device attack. Furthermore, we show that it lacks the verification mechanism for a wrong password, and that the password updating process is not efficient. To mitigate the flaws and inefficiencies of this scheme, we design a new robust mutual authentication with a key agreement scheme for SIP. A security analysis revealed that our proposed scheme was robust to several kinds of attacks. In addition, the proposed scheme was simulated by the automatic cryptographic protocol tool ProVerif. A performance analysis showed that our proposed scheme was superior to other related schemes.

A New Threshold Password Authentication Scheme

2010 ◽  
Vol 143-144 ◽  
pp. 915-919
Author(s):  
Yung Cheng Lee
Keyword(s):  
Ad Hoc Networks ◽  
Mobile Devices ◽  
Ad Hoc ◽  
Mutual Authentication ◽  
Authentication Scheme ◽  
Network Infrastructure ◽  
Password Authentication ◽  
Unauthorized Access ◽  
Authentication Schemes ◽  
Hoc Networks

The well-known password authentication mechanisms are widely used in networks to protect resources from unauthorized access. The ad hoc networks, due to their dynamic and lack of network infrastructure features, require authentication schemes to ensure security. In this paper, we propose a new threshold password authentication scheme for ad hoc networks. Our scheme can be efficiently implemented in mobile devices, and can achieve mutual authentication with registered users.

Sign in / Sign up

Export Citation Format

Share Document