A provably secure anonymous authentication scheme for Session Initiation Protocol

被引：16

作者：

Chaudhry, Shehzad Ashraf ^{[1
]}

Khan, Imran ^{[1
]}

Irshad, Azeem ^{[1
]}

Ashraf, Muhammad Usman ^{[1
]}

Khan, Muhammad Khurram ^{[2
]}

Ahmad, Hafiz Farooq ^{[3
]}

机构：

[1] Int Islamic Univ, Dept Comp Sci & Software Engn, Islamabad, Pakistan

[2] King Saud Univ, Ctr Excellence Informat Assurance, Riyadh, Saudi Arabia

[3] King Faisal Univ, Coll Comp Sci & Informat Technol, Alahssa, Saudi Arabia

来源：

SECURITY AND COMMUNICATION NETWORKS | 2016年 / 9卷 / 18期

关键词：

password; authentication; key agreement; provable security; impersonation attack; correctness; PROVERIF; KEY AGREEMENT SCHEME; SIP AUTHENTICATION; MUTUAL AUTHENTICATION; NETWORKS;

D O I：

10.1002/sec.1672

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Recently, Lu et al. presented a mutual authentication scheme for Session Initiation Protocol. Lu et al. claimed their scheme provides safeguard against familiar attacks and offers efficient authentication facility. However, this paper divulges that the scheme of Lu et al. is prone to server and user impersonation attacks. Additionally, the scheme of Lu et al. implicates correctness concerns. Consequently, an enhanced scheme is proposed, not only to resolve correctness concerns but also to provide robustness against server and user impersonation attacks. The proposed scheme makes use of a user-specific secret parameter to deal with the security and correctness issues. The formal and informal security analysis proves the robustness and efficiency of the proposed scheme against all familiar attacks. Furthermore, security analysis is also substantiated through popular automated tool PROVERIF. Copyright (C) 2016 John Wiley & Sons, Ltd.

引用

页码：5016 / 5027

页数：12

共 40 条

[31] On the anonymity of two-factor authentication schemes for wireless sensor networks: Attacks, principle and solutions
Wang, Ding
Wang, Ping
[J]. COMPUTER NETWORKS, 2014, 73 : 41 - 57
[32] Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks
Wang, Ding
Wang, Ping
[J]. AD HOC NETWORKS, 2014, 20 : 1 - 15
[33] A new provably secure authentication and key agreement protocol for SIP using ECC
Wu, Liufei
Zhang, Yuqing
Wang, Fengjiao
[J]. COMPUTER STANDARDS & INTERFACES, 2009, 31 (02) : 286 - 291
[34] A new authenticated key agreement for session initiation protocol
Xie, Qi
[J]. INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS, 2012, 25 (01) : 47 - 54
[35] The Performance of Enhanced Liver Fibrosis (ELF) Test for the Staging of Liver Fibrosis: A Meta-Analysis
Xie, Qingsong
Zhou, Xiaohu
Huang, Pengfei
Wei, Jianfeng
Wang, Weilin
Zheng, Shusen
[J]. PLOS ONE, 2014, 9 (04):
[36] Secure authentication scheme for session initiation protocol
Yang, CC
Wang, RC
Liu, WT
[J]. COMPUTERS & SECURITY, 2005, 24 (05) : 381 - 386
[37] A secure and efficient SIP authentication scheme for converged VoIP networks
Yoon, Eun-Jun
Yoo, Kee-Young
Kim, Cheonshik
Hong, You-Sik
Jo, Minho
Chen, Hsiao-Hwa
[J]. COMPUTER COMMUNICATIONS, 2010, 33 (14) : 1674 - 1681
[38] Robust Mutual Authentication with a Key Agreement Scheme for the Session Initiation Protocol
Yoon, Eun-Jun
Shin, Yong-Nyuo
Jeon, Il-Soo
Yoo, Kee-Young
[J]. IETE TECHNICAL REVIEW, 2010, 27 (03) : 203 - 213
[39] Cryptanalysis of DS-SIP Authentication Scheme using ECDH
Yoon, Eun-Jun
Yoo, Kee-Young
[J]. 2009 INTERNATIONAL CONFERENCE ON NEW TRENDS IN INFORMATION AND SERVICE SCIENCE (NISS 2009), VOLS 1 AND 2, 2009, : 642 - +
[40] A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography
Zhang, Zezhong
Qi, Qingqing
Kumar, Neeraj
Chilamkurti, Naveen
Jeong, Hwa-Young
[J]. MULTIMEDIA TOOLS AND APPLICATIONS, 2015, 74 (10) : 3477 - 3488

← 1 2 3 4 →