Session integration service over multiple devices

Chen, Min-Xiou; Wang, Fu-Ju

doi:10.1002/dac.1109

Cited by 7 publications

(2 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The SIP was developed by the Internet Engineering Task Force [23] in 1996. SIP is an application layer signaling protocol for creating, modifying, and terminating multimedia sessions among one or more participants (e.g., [24][25][26][27][28][29][30]). Various authentication schemes especially using password have been proposed to provide security for SIP (e.g., [31][32][33][34][35][36][37][38][39][40][41][42][43]).…”

Section: Introductionmentioning

confidence: 99%

An improved password‐based authentication scheme for session initiation protocol using smart cards without verification table

Farash

2014

Int J Communication

View full text Add to dashboard Cite

Authentication schemes have been widely deployed access control and mobility management in various communication networks. Especially, the schemes that are based on multifactor authentication such as on password and smart card come to be more practical. One of the standard authentication schemes that have been widely used for secure communication over the Internet is session initiation protocol (SIP). The original authentication scheme proposed for SIP was vulnerable to some crucial security weaknesses. To overcome the security problems, various improved authentication schemes have been developed, especially based on elliptic curve cryptography (ECC). Very recently, Zhang et al. proposed an improved authentication scheme for SIP based on ECC using smart cards to overcome the security flaws of the related protocols. Zhang et al. claimed that their protocol is secure against all known security attacks. However, this paper indicates that Zhang et al. protocol is still insecure against impersonation attack. We show that an active attacker can easily masquerade as a legal server to fool users. As a remedy, we also improve Zhang et al. protocol by imposing a little extra computation cost.

show abstract

Section: Introductionmentioning

confidence: 99%

An improved password‐based authentication scheme for session initiation protocol using smart cards without verification table

Farash

2014

Int J Communication

View full text Add to dashboard Cite

show abstract

“…With the widespread application of the voice over IP (VoIP) in Internet [1][2][3][4] and mobility management [5][6][7][8], the security of VoIP is becoming increasingly important [9]. When a user wants to access a VoIP service, he or she has to perform an authentication process from the remote server.…”

Section: Introductionmentioning

confidence: 99%

An anonymous and untraceable password‐based authentication scheme for session initiation protocol using smart cards

Farash

Attari

2014

Int J Communication

View full text Add to dashboard Cite

SUMMARYRecently, Zhang et al. proposed a password-based authenticated key agreement for session initiation protocol (Int J Commun Syst 2013, doi:10.1002/dac.2499. They claimed that their protocol is secure against known security attacks. However, in this paper, we indicate that the protocol by Zhang et al. is vulnerable to impersonation attack whereby an active adversary without knowing the user's password is able to introduce himself/herself as the user. In addition, we show that the protocol by Zhang et al. suffers from password changing attack. To overcome the weaknesses, we propose an improved authentication scheme for session initiation protocol. The rigorous analysis shows that our scheme achieves more security than the scheme by Zhang et al.

show abstract

Secure and efficient ECC based SIP authentication scheme for VoIP communications in internet of things

Dhillon

Kalra

2019

Multimed Tools Appl

View full text Add to dashboard Cite

Session integration service over multiple devices

Cited by 7 publications

References 15 publications

An improved password‐based authentication scheme for session initiation protocol using smart cards without verification table

An improved password‐based authentication scheme for session initiation protocol using smart cards without verification table

An anonymous and untraceable password‐based authentication scheme for session initiation protocol using smart cards

Secure and efficient ECC based SIP authentication scheme for VoIP communications in internet of things

Contact Info

Product

Resources

About