Analyzing secure key authentication and key agreement protocol for promising features of IP multimedia subsystem using IP multimedia server-client systems

Recently, Session Initiation Protocol (SIP) has become a prime signaling protocol for the multimedia communication systems, though none of the researchers have analyzed its promising features, namely access independence, authentication scheme verification, AKA (Authentication and Key Agreement) security properties, 3GPP security properties, signal congestion, bandwidth consumption and computation overhead using the physical multimedia server-client platform. To examine the issues realistically, the existing authentication schemes, such as UMTS AKA, EPS AKA, Cocktail AKA, S AKA, HL AKA and ZZ AKA were designed and developed in the multimedia server-client systems deployed on Linux platform. The cross-examination revealed that the existing schemes failed to satisfy the IMS (IP Multimedia Subsystem) promising features, like mutual authentication, session-key sharing, (perfect) forward secrecy and implicit-key authentication. Thus, this paper proposes a Secure-Key Authentication and Key Agreement protocol (SK AKA) to meet out the standard demands of IMS. To curtail its authentication steps, the secure authentication vector SAV computes and dispenses the generated vectors between the multimedia server-client systems in advance, through the serving call session control function SCSCF. As a result, the execution steps of UMTS AKA are annulled for the sake of accomplishment of the IMS features. In addition, the protocol of SK AKA integrates the strategies of Context Identity CID and Elliptic Curve – Diffie Hellman (EC-DH) to resist most of the potential attacks like SIP flooding, forgery, man-in-the-middle, password guessing and key impersonation. To analyze the parameters, such as (SIP) Flooding Attack Detection Rate, End-To-End Delay of Multiple Voice Call Session, Call Success Rate, SIP Utilization, RTP Utilization, Call Response Time, Bandwidth Consumption and Signalling Congestion realistically, the proposed and existing authentication schemes have been coded and integrated in the real-time IMS client-server system. Above all, the thoroughgoing research has revealed that the proposed protocol of SK AKA accomplishes all the IMS challenges: 1. Adhere the promising features of IMS; 2. Attack resiliency; and 3. Fulfill the promising parameters of IMS, in comparison with the other existing schemes.

[1]  Mark Handley,et al.  SIP: Session Initiation Protocol , 1999, RFC.

[2]  Jiann-Liang Chen,et al.  Advanced Path-Migration Mechanism for Enhancing Signaling Efficiency in IP Multimedia Subsystem , 2012, KSII Trans. Internet Inf. Syst..

[3]  Pin-Han Ho,et al.  PPAB: A Privacy-Preserving Authentication and Billing Architecture for Metropolitan Area Sharing Networks , 2009, IEEE Transactions on Vehicular Technology.

[4]  Athanasios V. Vasilakos,et al.  SecCloud: Bridging Secure Storage and Computation in Cloud , 2010, 2010 IEEE 30th International Conference on Distributed Computing Systems Workshops.

[5]  Xiaohui Liang,et al.  Enabling pervasive healthcare with privacy preservation in smart community , 2012, 2012 IEEE International Conference on Communications (ICC).

[6]  Alberto Peinado Domínguez,et al.  Cryptanalysis of Park's Authentication Protocol in Wireless Mobile Communication Systems , 2006, Int. J. Netw. Secur..

[7]  Douglas R. Stinson,et al.  Cryptography: Theory and Practice , 1995 .

[8]  Tin Yu Wu,et al.  An efficient end-to-end security mechanism for IP multimedia subsystem , 2008, Comput. Commun..

[9]  Yuefei Zhu,et al.  Security analysis of a cocktail protocol with the authentication and key agreement on the UMTS , 2010, IEEE Communications Letters.

[10]  Athanasios V. Vasilakos,et al.  DFL: Secure and Practical Fault Localization for Datacenter Networks , 2014, IEEE/ACM Transactions on Networking.

[11]  Muxiang Zhang,et al.  Security analysis and enhancements of 3GPP authentication and key agreement protocol , 2005, IEEE Transactions on Wireless Communications.

[12]  Wen-Shenq Juang,et al.  Efficient 3GPP Authentication and Key Agreement with Robust User Privacy Protection , 2007, 2007 IEEE Wireless Communications and Networking Conference.

[13]  Jui-Tang Wang,et al.  Group-Based Authentication and Key Agreement , 2012, Wirel. Pers. Commun..

[14]  Cheng-Chi Lee,et al.  Extension of authentication protocol for GSM , 2003 .

[15]  Chung-Ming Huang,et al.  Authentication and key agreement protocol for UMTS with low bandwidth consumption , 2005, 19th International Conference on Advanced Information Networking and Applications (AINA'05) Volume 1 (AINA papers).

[16]  Xiaolei Dong,et al.  Security and privacy for storage and computation in cloud computing , 2014, Inf. Sci..

[17]  Athanasios V. Vasilakos,et al.  DTRAB: Combating Against Attacks on Encrypted Protocols Through Traffic-Feature Analysis , 2010, IEEE/ACM Transactions on Networking.

[18]  Cheng-Chi Lee,et al.  A new authentication protocol based on pointer forwarding for mobile communications , 2008, Wirel. Commun. Mob. Comput..

[19]  Sufian Yousef,et al.  A New Authentication Protocol for UMTS Mobile Networks , 2006, EURASIP J. Wirel. Commun. Netw..

[20]  Ya-Wen Yang,et al.  3G and WLAN Interworking Security: Current Status and Key , 2006, Int. J. Netw. Secur..

[21]  Chin-Chen Chang,et al.  Efficient authentication protocols of GSM , 2005, Comput. Commun..

[22]  Douglas R. Stinson,et al.  Cryptography: Theory and Practice,Second Edition , 2002 .

[23]  Athanasios V. Vasilakos,et al.  Toward Incentivizing Anti-Spoofing Deployment , 2014, IEEE Transactions on Information Forensics and Security.

[24]  Athanasios V. Vasilakos,et al.  Provably secure three-party authenticated key agreement protocol using smart cards , 2014, Comput. Networks.

[25]  Young Jae Choi,et al.  An Improvement on Privacy and Authentication in GSM , 2004, WISA.

[26]  Chih-Ya Shen,et al.  S-AKA: A Provable and Secure Authentication Key Agreement Protocol for UMTS Networks , 2011, IEEE Transactions on Vehicular Technology.

[27]  Naveen K. Chilamkurti,et al.  A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography , 2014, Multimedia Tools and Applications.

[28]  Cheng-Chi Lee,et al.  Extension of an Efficient 3GPP Authentication and Key Agreement Protocol , 2013, Wirel. Pers. Commun..

[29]  Lein Harn,et al.  On the security of wireless network access with enhancements , 2003, WiSe '03.

[30]  Colin Boyd,et al.  Protocols for Authentication and Key Establishment , 2003, Information Security and Cryptography.

[31]  Xiaohui Liang,et al.  PEC: A privacy-preserving emergency call scheme for mobile healthcare social networks , 2011, Journal of Communications and Networks.

[32]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[33]  Yi-Bing Lin,et al.  One-pass GPRS and IMS authentication procedure for UMTS , 2005, IEEE Journal on Selected Areas in Communications.

[34]  Wenbo Mao,et al.  Modern Cryptography: Theory and Practice , 2003 .

[35]  Mark Ryan,et al.  New privacy issues in mobile telephony: fix and verification , 2012, CCS.

[36]  Ulrike Meyer,et al.  A man-in-the-middle attack on UMTS , 2004, WiSe '04.

[37]  Hung-Wen Yang,et al.  Cryptanalysis of a New Efficient MAKEP for Wireless Communications , 2005, Int. J. Netw. Secur..

[38]  Athanasios V. Vasilakos,et al.  A survey on trust management for Internet of Things , 2014, J. Netw. Comput. Appl..

[39]  B. Sathish Babu,et al.  A Dynamic Authentication Scheme for Mobile Transactions , 2009, Int. J. Netw. Secur..

[40]  Min-Shiang Hwang,et al.  A cocktail protocol with the Authentication and Key Agreement on the UMTS , 2010, J. Syst. Softw..

[41]  Georg Mayer,et al.  The IMS: IP Multimedia Concepts and Services , 2004 .

[42]  Cheng-Chi Lee,et al.  Security Enhancement on a New Authentication Scheme With Anonymity for Wireless Environments , 2006, IEEE Transactions on Industrial Electronics.

[43]  Muxiang Zhang,et al.  Provably-Secure Enhancement on 3GPP Authentication and Key Agreement Protocol , 2003, IACR Cryptol. ePrint Arch..

[44]  Miikka Poikselkä,et al.  The IMS Second Edition: IP Multimedia Concepts and Services , 2006 .