Single round-trip SIP authentication scheme with provable security for Voice over Internet Protocol using smart card

Multimedia Tools and Applications

Abstract

In recent years, Voice over Internet Protocol (VoIP) has gained more and more popularity as an application of Internet technology. For various IP applications including VoIP, the Session Initiation Protocol (SIP) has attracted major concern from researchers. SIP is an advanced signaling protocol operating on Internet Telephony. SIP uses digest authentication protocols such as Simple Mail Transport Protocol (SMTP) and Hyper Text Transport Protocol (HTTP). When a user seeks SIP services, authentication plays an important role in providing secure access to the server only to authorized access seekers. Being an insecure-channel-based protocol, a SIP authentication protocol is susceptible to adversarial threats. Therefore, security is a big concern in SIP authentication mechanisms. This paper reveals the security vulnerabilities of two recently proposed SIP authentication schemes for VoIP: Irshad et al.’s scheme [Multimed. Tools. Appl. doi:10.1007/s11042-013-1807-z] and Arshad and Nikooghadam’s scheme [Multimed. Tools. Appl. DOI 10.1007/s11042-014-2282-x]. The latter scheme is based on the former. Irshad et al.’s scheme suffers from password guessing, user impersonation and server spoofing attacks. Arshad and Nikooghadam’s scheme can be threatened with server spoofing and stolen verifier attacks. Neither of these two schemes achieves mutual authentication. Arshad and Nikooghadam’s scheme also fails to follow the single round-trip authentication design of Irshad et al.’s scheme. To overcome these weaknesses, we propose a provably secure single round-trip SIP authentication scheme for VoIP using smart card. We formally prove the security of the scheme in the random oracle model and demonstrate through discussion its resistance to various attacks. The comparative analysis shows that the proposed SIP authentication scheme offers superior performance with a little extra computational cost.

References

  1. Abdalla M, Pointcheval D (2005) Interactive Diffie-Hellman assumptions with applications to password-based authentication. In: Proceedings of FC’05, LNCS 3570:341–356

  2. Arshad R, Ikram N (2013) Elliptic curve cryptography based mutual authentication scheme for session initiation protocol. Multimed Tools Appl 66(2):165–178

  3. Arshad H, Nikooghadam M (2014) An efficient and secure authentication and key agreement scheme for session initiation protocol using ECC. Multimed Tools Appl. doi:10.1007/s11042-014-2282-x

  4. Branovic I, Giorgi R, Martinelli E (2004) A workload characterization of elliptic curve cryptography methods in embedded environments. ACM SIGARCH Comput Archit News 32(3):27–34

  5. Canetti R, Krawczyk H (2001) Analysis of key-exchange protocols and their use for building secure channels. In: Proc. Eurocrypt 2001, Lecture Notes in Computer Science 2045:453–474

  6. Dalgic I, Fang H (1999) Comparison of H.323 and SIP for IP telephony signaling. In: Proc. of Photonics East. SPIE, Boston

  7. Denning D, Sacco G (1981) Timestamps in key distribution systems. Commun ACM 24:533–536

  8. Diffie W, Hellman M (1976) New directions in cryptography. IEEE Trans Inf Theory 22(6):644–654

  9. Durlanik A, Sogukpinar I (2005) SIP authentication scheme using ECDH. World Enformatika Soc Trans Eng Comput Technol 8:350–353

  10. Farash MS, Attari MA (2013) An enhanced authenticated key agreement for session initiation protocol. Inform Technol Control 42(4):333–342

  11. Franks J, Hallam-Baker P, Hostetler J, Lawrence S, Leach P, Luotonen A, Stewart L (1999) RFC2617: HTTP authentication: basic and digest access authentication. IETF

  12. Garcia-Martin M, Henrikson E, Mills D (2003) Private header (P-Header) extensions to the session initiation protocol (SIP) for the 3rd-generation partnership project (3GPP). IETF RFC3455

  13. Geneiatakis D, Dagiuklas T, Kambourakis G, Lambrinoudakis C (2006) Survey of security vulnerabilities in session initiation protocol. IEEE Commun Surv Tutorials 8:68–81

  14. Hankerson D, Menezes A, Vanstone S (2004) Guide to elliptic curve cryptography. LNCS, Springer, New York

  15. He D, Chen J, Chen Y (2012) A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography. Secur Commun Netw 5(12):1423–1429

  16. Irshad A, Sher M, Rehman E, Ashraf Ch S, Hassan MU, Ghani A (2013) A single round-trip SIP authentication scheme for Voice over Internet Protocol using smart card. Multimed Tools Appl. doi:10.1007/s11042-013-1807-z

  17. Jo JH, Cho JS (2008) Cross-layer optimized vertical handover schemes between mobile Wimax and 3G networks. KSII Trans Internet Inf Syst (TIIS) 2(4):171–183

  18. Koblitz N (1987) Elliptic curve cryptosystems. Math Comput 48:203–209

  19. Kocher P, Jaffe J, Jun B (1999) Differential power analysis. In: Proceedings of advances in cryptology, Santa Barbara, CA, U.S.A., 388–397

  20. Lee CC (2009) On security of an efficient nonce-based authentication scheme for session initiation protocol. Int J Netw Secur 9:201–203

  21. Liu FW, Koenig H (2011) Cryptanalysis of a SIP authentication scheme. In: 12th IFIP TC6/TC11 International Conference, CMS 2011, Ghent, Belgium, 134–143

  22. Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552

  23. Miller V (1986) Uses of elliptic curves in cryptography. In: Advances in cryptology CRYPTO’85, Lecture Notes in Computer Science, Springer-Verlag 218:417–426

  24. NIST (1999) Recommended elliptic curves for federal government use. Available on csrc.nist.gov

  25. Pu Q, Wang J, Wu S (2013) Secure SIP authentication scheme supporting lawful interception. Secur Commun Netw 6:340–350

  26. Rosenberg J, Schulzrinne H, Camarillo G, Johnston A, Peterson J, Sparks R, Handley M, Schooler E (2002) SIP: session initiation protocol. IETF RFC3261

  27. Salsano S, Veltri L, Papalilo D (2002) SIP security issues: the SIP authentication procedure and its processing load. IEEE Netw 16(6):38–44

  28. Sisalem D, Kuthan J, Ehlerts S (2006) Denial of service attacks targeting a SIP VoIP infrastructure: stack scenarios and prevention mechanisms. IEEE Netw J 20:26–31

  29. Tang H, Liu X (2013) Cryptanalysis of Arshad et al.’s ECC-based mutual authentication scheme for session initiation protocol. Multimed Tools Appl 65(3):321–333

  30. Tsai JL (2009) Efficient nonce-based authentication scheme for session initiation protocol. Int J Netw Secur 9:12–16

  31. Wu L, Zhang Y, Wang F (2009) A new provably secure authentication and key agreement protocol for SIP using ECC. Comput Stand Interfaces 31(2):286–291

  32. Xie Q (2012) A new authenticated key agreement for session initiation protocol. Int J Commun Syst 25(1):47–54

  33. Yang CC, Wang RC, Liu WT (2005) Secure authentication scheme for session initiation protocol. Comput Secur 24:381–386

  34. Yeh HL, Chen TH, Shih WK (2014) Robust smart card secured authentication scheme on SIP using Elliptic Curve Cryptography. Comput Stand Interfaces 36:397–402

  35. Yen SM, Joye M (2002) Checking before output may not be enough against fault-based cryptanalysis. IEEE Trans Comput 49(9):967–970

  36. Yoon E, Shin Y, Jeon I, Yoo K (2010) Robust mutual authentication with a key agreement scheme for the session initiation protocol. IETE Tech Rev 27(3):203–213

  37. Yoon EJ, Yoo KY, Kim C, Hong YS, Jo M, Chen HH (2010) A secure and efficient SIP authentication scheme for converged VoIP networks. Comput Commun 33:1674–1681

  38. Zhang L, Tang S, Cai Z (2013) Efficient and flexible password authenticated key agreement for voice over internet protocol session initiation protocol using smart card. Int J Commun Syst. doi:10.1002/dac.2499

Acknowledgments

The authors extend their sincere appreciation to the Deanship of Scientific Research at King Saud University for funding this Prolific Research Group (PRG-1436-16). This research is also supported by the National Natural Science Foundation of China under Grant No. 61300220, and it is also supported by PAPD and CICAEET.

Author information

Corresponding author

Correspondence to Saru Kumari.

About this article

Cite this article

Kumari, S., Wu, F., Li, X. et al. Single round-trip SIP authentication scheme with provable security for Voice over Internet Protocol using smart card. Multimed Tools Appl 75, 17215–17245 (2016). https://doi.org/10.1007/s11042-015-2988-4

  • DOI: https://doi.org/10.1007/s11042-015-2988-4
