CFP last date
20 December 2024
Reseach Article

Proposed secureSIP Authentication Scheme based on Elliptic Curve Cryptography

by Samaneh Sadat Mousavi-nik, M. H. Yaghmaee-moghaddam, M. B. Ghaznavi-ghoushchi
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 58 - Number 8
Year of Publication: 2012
Authors: Samaneh Sadat Mousavi-nik, M. H. Yaghmaee-moghaddam, M. B. Ghaznavi-ghoushchi
10.5120/9303-3524

Samaneh Sadat Mousavi-nik, M. H. Yaghmaee-moghaddam, M. B. Ghaznavi-ghoushchi . Proposed secureSIP Authentication Scheme based on Elliptic Curve Cryptography. International Journal of Computer Applications. 58, 8 ( November 2012), 25-30. DOI=10.5120/9303-3524

@article{ 10.5120/9303-3524,
author = { Samaneh Sadat Mousavi-nik, M. H. Yaghmaee-moghaddam, M. B. Ghaznavi-ghoushchi },
title = { Proposed secureSIP Authentication Scheme based on Elliptic Curve Cryptography },
journal = { International Journal of Computer Applications },
issue_date = { November 2012 },
volume = { 58 },
number = { 8 },
month = { November },
year = { 2012 },
issn = { 0975-8887 },
pages = { 25-30 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume58/number8/9303-3524/ },
doi = { 10.5120/9303-3524 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:01:56.829297+05:30
%A Samaneh Sadat Mousavi-nik
%A M. H. Yaghmaee-moghaddam
%A M. B. Ghaznavi-ghoushchi
%T Proposed secureSIP Authentication Scheme based on Elliptic Curve Cryptography
%J International Journal of Computer Applications
%@ 0975-8887
%V 58
%N 8
%P 25-30
%D 2012
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Session Initiation Protocol (SIP) is a powerful signaling protocol that increasingly used for administrating Voice over IP (VoIP) phone calls. In recent years, Session Initiation Protocol (SIP) is more and more popular. However, there are many security problems in the Session Initiation Protocol. SIP authentication mechanism is based on HTTP Digest authentication, which this scheme Is insecure; such as off-line password guessing attacks and impersonate other parties and etc. So, researches proposed different schemes to secure the SIP authentication. In the year 2012, Tang et al. proposed a SIP authentication protocol using elliptic curve cryptography (ECC), but their scheme is insecure against off-line password guessing and Registration attacks. In order to overcome such security problems proposed an ECC-based authentication scheme for SIP and analysis of security of the ECC-based protocol.

References
  1. Tang H, Liu X (2012) Cryptanalysis of Arshad et al. 's ECC-based mutual authentication scheme for session initiation protocol. Multimed Tools Appl. DOI 10. 1007/s11042-012-1001-8
  2. Arshad R, Ikram N (2011) Elliptic curve cryptography based mutual authentication scheme for session initiation protocol. Multimed Tool Appl. doi:10. 1007/s11042-011-0787-0
  3. Chen TH, Yeh HL, Liu PC, Hsiang HC, Shih WK (2010) A secured authentication protocol for SIP using elliptic curves cryptography. CN, CCIS 119:46–55
  4. Denning D, Sacco G (1981) Timestamps in key distribution systems. Commun ACM 24:533–536
  5. DiffieW, Hellman ME (1976) New directions in cryptography. IEEE Transactions on Information Theory IT-22: 644–654
  6. Durlanik A, Sogukpinar I (2005) SIP Authentication Scheme using ECDH. World EnformatikaSocityTransations on Engineering Computing and Technology 8:350–353
  7. Ryu JT, Roh BH, Ryu KY (2009) Detection of SIP flooding attacks based on the upper bound of the possible number of SIP messages, KSII Transactions on Internet and Information Systems (TIIS) 3 (5) 507–526.
  8. Franks J, Hallam-Baker P, Hostetler J, Lawrence S, Leach P, Luotonen A, Stewart L (1999) HTTP authentication: basic and digest access authentication, IETF RFC2617.
  9. He DB, Chen JH, Zhang R (2011) A more secure authentication scheme for telecare medicine information systems. J Med Syst. doi:10. 1007/s10916-011-9658-5
  10. Menezes AJ, Oorschot PC, Vanstone SA (1997) Handbook of Applied Cryptograph,CRC Press.
  11. Lin CL, Hwang T (2003) A password authentication scheme with secure password updating. ComputSecur 22(1):68–72
  12. Yoon EJ, Yoo KY (2009) Cryptanalysis of DS-SIP authentication scheme using ECDH, in 2009 International Conference on New Trends in Information and Service Science 642–647.
  13. Canetti R, Krawczyk H (2001) Analysis of key-exchange protocols and their use for building secure channels, in: Proc. Eurocrpt 2001, Lecture Notes in Computer Science, 2045, pp. 453–474.
  14. Rosenberg J,Schulzrinne H, Camarillo G, Johnstone A, Peterson J, Sparks R (2002) SIP: session initiation protocol. IETF RFC3261
  15. Thomas M (2001) SIP security requirements. IETF Internet Draft (draftthomas-sip-sec-reg-00. txt)
  16. Tsai JL (2009) Efficient nonce-based authentication scheme for session initiation protocol. Int J NetwSecur 8(3):312–316
  17. Veltri L, Salsano S, Papalilo D (2002) SIP security issues: the SIP authentication procedure and its processing load. IEEE Netw 16(6):38–44
  18. Xie Q (2011) A new authenticated key agreement for session initiation protocol. Int J Commun Syst. doi:10. 1002/dac. 1286
  19. Yang CC,Wang RC, Liu WT (2005) Secure authentication scheme for session initiation protocol. ComputSecur 24:381–386
  20. Yoon EJ, Yoo KY (2009) A new authentication scheme for session initiation protocol, in 2009 International Conference on Complex, Intelligent and Software Intensive Systems, CISIS '09 549–554
  21. Yoon EJ, Koo KY (2010) Robust mutual authentication with a key agreement scheme for the session initiation protocol. IETE Tech Rev 27(3):203–213
  22. Geneiatakis D, Dagiuklas T, Kambourakis G, Lambrinoudakis C, Gritzalis S, Ehlert S (2006) Survey of security vulnerabilities in session initiation protocol. IEEE CommunSurv Tutorials 8(3):68–81
  23. Wu L, Zhang Y, Wang F (2009) A new provably secure authentication and key agreement protocol for SIP using ECC, Computer Standards and Interfaces 31 (2) 286–291.
  24. Yoon EJ, Yoo KY (2010) A three-factor authenticated key agreement scheme for SIP on elliptic curves, in Proceedings of the 2010 Fourth International Conference on Network and System Security 334–339
Index Terms

Computer Science
Information Sciences

Keywords

session initiation protocol Elliptic curve cryptography Authentication vulnerability insecure