An improved smart card based authentication scheme for session initiation protocol

被引:0
|
作者
Saru Kumari
Shehzad Ashraf Chaudhry
Fan Wu
Xiong Li
Mohammad Sabzinejad Farash
Muhammad Khurram Khan
机构
[1] Ch. Charan Singh University,Department of Mathematics
[2] International Islamic University,Department of Computer Science & Software Engineering
[3] Xiamen Institute of Technology,Department of Computer Science and Engineering
[4] Hunan University of Science and Technology,School of Computer Science and Engineering
[5] Nanjing University of Information Science and Technology,Department of Mathematics and Computer Sciences
[6] Kharazmi University,Center of Excellence in Information Assurance (CoEIA)
[7] King Saud University,undefined
来源
Peer-to-Peer Networking and Applications | 2017年 / 10卷
关键词
Authentication; Security; Anonymity and privacy; Impersonation attack; Provable security; ProVerif;
D O I
暂无
中图分类号
学科分类号
摘要
Sessioninitiation protocol (SIP) reformed the controlling routine of voice over Internet Protocol based communication over public channels. SIP is inherently insecure because of underlying open text architecture. A number of solutions are proposed to boost SIP security. Very recently Farash (Peer to Peer Netw. Appl. 1–10, 2014) proposed an enhanced protocol to improve the security of Tu et al.’s protocol (Peer to Peer Netw. Appl. 1–8, 2014). Further, Farash claimed his protocol to be secure against all known attacks. However, in this paper we show that Farash’s protocol is insecure against impersonation attack, password guessing attack, lacks user anonymity and is vulnerable to session-specific temporary information attack. Further, we have proposed an upgraded protocol to enhance the security. The security and performance analysis shows that the proposed protocol reduced one point multiplication as compared with Farash’s protocol, while resisting all known attacks. We have proved the security of proposed protocol using automated tool ProVerif.
引用
收藏
页码:92 / 105
页数:13
相关论文
empty
未找到相关数据