Cryptanalysis of Farash et al.'s SIP authentication protocol

被引：6

作者：

Azrour, Mourade ^{[1
]}

Farhaoui, Yousef ^{[1
]}

Ouanan, Mohammed ^{[1
]}

机构：

[1] Moulay Ismail Univ, Fac Sci & Technol, Lab M2I, Dept Comp Sci,ASIA Team, Errachidia, Morocco

来源：

INTERNATIONAL JOURNAL OF DYNAMICAL SYSTEMS AND DIFFERENTIAL EQUATIONS | 2018年 / 8卷 / 1-2期

关键词：

authentication protocol; denial of service; Denning-Sacco; DoS; elliptic curve cryptography; security; session initiation protocol; SIP; attack;

D O I：

10.1504/IJDSDE.2018.089097

中图分类号：

O29 [应用数学];

学科分类号：

070104 ;

摘要：

Session initiation protocol (SIP) is the most popular signalling protocol used in order to establish, maintain and terminate a multimedia sessions between different participants. Nowadays, the security of SIP is becoming more and more important. Authentication is the most important security service required for SIP. To provide secure communication, many SIP authentication schemes have been proposed. Very recently, Farash et al. proposed a new SIP authentication protocol based on elliptic curve cryptography. They proved that their scheme is secured against different attacks. However, in this paper we show that Farash et al.'s protocol suffers from Denning-Sacco attacks and denial of service attacks. Moreover, we propose our solution to solve the problem. The security analysis shows that our proposed solution is more secure and can resist to various attacks.

引用

页码：77 / 94

页数：18

共 36 条

[1]

[Anonymous], SCREEN

[2] Elliptic curve cryptography based mutual authentication scheme for session initiation protocol [J].

Arshad, R. ;

Ikram, N. .

MULTIMEDIA TOOLS AND APPLICATIONS, 2013, 66 (02) :165-178

[3]

Azrour M., 2017, INT J NETWORK SECURI, V19, DOI [10.6633/IJNS.201711.19(6).2, DOI 10.6633/IJNS.201711.19(6).2]

[4]

Azrour M., 2016, INDONESIAN J ELECT E, V4, P231

[5] A secure biometric based multi-server authentication scheme for social multimedia networks [J].

Chaudhry, Shehzad Ashraf .

MULTIMEDIA TOOLS AND APPLICATIONS, 2016, 75 (20) :12705-12725

[6] A secure authentication scheme for session initiation protocol based on elliptic curve cryptography [J].

Chaudhry, Shehzad Ashraf ;

Mahmood, Khalid ;

Naqvi, Husnain ;

Sher, Muhammad .

CIT/IUCC/DASC/PICOM 2015 IEEE INTERNATIONAL CONFERENCE ON COMPUTER AND INFORMATION TECHNOLOGY - UBIQUITOUS COMPUTING AND COMMUNICATIONS - DEPENDABLE, AUTONOMIC AND SECURE COMPUTING - PERVASIVE INTELLIGENCE AND COMPUTING, 2015, :1961-1966

[7] An improved and provably secure privacy preserving authentication protocol for SIP [J].

Chaudhry, Shehzad Ashraf ;

Naqvi, Husnain ;

Sher, Muhammad ;

Farash, Mohammad Sabzinejad ;

ul Hassan, Mahmood .

PEER-TO-PEER NETWORKING AND APPLICATIONS, 2017, 10 (01) :1-15

[8] NEW DIRECTIONS IN CRYPTOGRAPHY [J].

DIFFIE, W ;

HELLMAN, ME .

IEEE TRANSACTIONS ON INFORMATION THEORY, 1976, 22 (06) :644-654

[9]

Eun-Jun Yoon, 2008, 2008 Second International Conference on Future Generation Communication and Networking Symposia (FGCNS), P25, DOI 10.1109/FGCNS.2008.80

[10] An Enhanced Authenticated Key Agreement for Session Initiation Protocol [J].

Farash, Mohammad Sabzinejad ;

Attari, Mahmoud Ahmadian .

INFORMATION TECHNOLOGY AND CONTROL, 2013, 42 (04) :333-342

← 1 2 3 4 →