Cryptanalysis of SIP secure and efficient authentication scheme

Gokhroo, Mohit Kumar; Jaidhar, C. D.; Tomar, Anurag Singh

doi:10.1109/iccsn.2011.6014057

Cited by 19 publications

(13 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To tackle these problems, Yoon et al proposes an enhanced authentication scheme for SIP based on ECC. Unfortunately, Gokhroo et al [16] and Pu [17] have showed that the scheme of Yoon et al cannot still protect against the off-line password guessing and the replay attacks. Later, Tsai [18] considers an efficient authentication scheme for SIP only employing one-way hash functions and xor operations.…”

Section: Introductionmentioning

confidence: 99%

A secure and efficient mutual authentication scheme for session initiation protocol

Peng

et al. 2015

Peer-to-Peer Netw. Appl.

View full text Add to dashboard Cite

The Session Initiation Protocol (SIP) as the core signaling protocol for multimedia services is receiving much attention. Authentication is becoming increasingly crucial issue when a user asks to use SIP services. Many authentication schemes for the SIP have been proposed. Very recently, Zhang et al. has presented an authentication scheme for SIP and claimed their scheme could overcome various attacks while maintaining efficiency. In this research, we illustrate that their scheme is susceptible to the insider attack and does not provide proper mutual authentication. We then propose a modified secure mutual authentication scheme to conquer the security flaws in Zhang et al.'s scheme. Through the informal and formal security analyses, we demonstrate that our scheme is resilient possible known attacks including the attacks found in Zhang et al.'s scheme. In addition, the performance analysis shows that our scheme has better efficiency in comparison with other related ECC-based authentication schemes for SIP.

show abstract

Section: Introductionmentioning

confidence: 99%

A secure and efficient mutual authentication scheme for session initiation protocol

Peng

et al. 2015

Peer-to-Peer Netw. Appl.

View full text Add to dashboard Cite

show abstract

“…Based on Wu et al's protocol, an improved authentication protocol was proposed by Yoon et al (2010b) to eliminate security flaws. But Gokhroo et al (2011) indicated that the improved protocol could not resist off-line password guessing attacks and replay attacks too. Recently, Arshad and Ikram (2013) also proposed an authentication protocol based on elliptic curve discrete logarithm problem for SIP.…”

Section: Related Workmentioning

confidence: 97%

An energy efficient authenticated key agreement protocol for SIP-based green VoIP networks

Zhang

Tang

Zhu

2016

Journal of Network and Computer Applications

View full text Add to dashboard Cite

Voice over Internet Protocol (VoIP) is spreading across the market rapidly due to its characteristics such as low cost, flexibility implementation, and versatility of new applications etc.However, the voice packets transmitted over the Internet are not protected in most VoIP environments, and then the user's information could be easily compromised by various malicious attacks. So an energy-efficient authenticated key agreement protocol for Session Initial Protocol (SIP) should be provided to ensure the confidentiality and integrity of data communications over VoIP networks. To simplify the authentication process, several protocols adopt a verification table to achieve mutual authentication, but the protocols require the SIP server to maintain a large verification table which not only increases energy consumption but also leads to some security issues. Although several attempts have been made to address the intractable problems, designing an energy-efficient authenticated key agreement protocol for SIP-based green VoIP networks is still a challenging task. In this study, we propose an efficient authentication protocol for SIP by using smartcards based on elliptic curve cryptography. With the proposed protocol, the SIP server needs not to store a password or verification table in its database, and so no energy is required for the maintenance of the verification table. Security analysis demonstrates that the proposed protocol can resist various attacks and provides efficient password updating.Furthermore, the experimental results show that the proposed protocol increases efficiency in comparison with other related protocols.

show abstract

“…However, Pu and Gokhroo et al . argued that the scheme of Yoon et al . still suffered from both off‐line password guessing attacks and replay attacks.…”

Section: Related Workmentioning

confidence: 99%

Efficient and flexible password authenticated key agreement for Voice over Internet Protocol Session Initiation Protocol using smart card

Zhang

Tang

Cai

2013

Int J Communication

View full text Add to dashboard Cite

SUMMARY Providing a suitable key agreement protocol for session initiation protocol is crucial to protecting the communication among the users over the open channel. This paper presents an efficient and flexible password authenticated key agreement protocol for session initiation protocol associated with Voice over Internet Protocol. The proposed protocol has many unique properties, such as session key agreement, mutual authentication, password updating function and the server not needing to maintain a password or verification table, and so on. In addition, our protocol is secure against the replay attack, the impersonation attack, the stolen‐verifier attack, the man‐in‐the‐middle attack, the Denning–Sacco attack, and the offline dictionary attack with or without the smart card. Copyright © 2013 John Wiley & Sons, Ltd.

show abstract

Cryptanalysis of SIP secure and efficient authentication scheme

Cited by 19 publications

References 5 publications

A secure and efficient mutual authentication scheme for session initiation protocol

A secure and efficient mutual authentication scheme for session initiation protocol

An energy efficient authenticated key agreement protocol for SIP-based green VoIP networks

Efficient and flexible password authenticated key agreement for Voice over Internet Protocol Session Initiation Protocol using smart card

Contact Info

Product

Resources

About