论文信息 - Cryptanalysis of an Authentication Protocol for Session Initiation Protocol

Cryptanalysis of an Authentication Protocol for Session Initiation Protocol

The session initiation protocol (SIP) is a challenge-response based authentication protocol which is used in 3G mobile networks. In 2010, Chen et al. proposed an authentication protocol for SIP using elliptic curves cryptography. However, this paper show that the Chen et al. authentication scheme is vulnerable to off-line password guessing attack, and does not provide perfect forward secrecy. To overcome their weaknesses, a security-enhanced authentication scheme for SIP is proposed, which not only defends against the off-line password guessing attack, but also supports perfect forward secrecy.

Qi Xie | Mengjie Bao | Haijun Lu

[1] Shuenn-Shyang Wang,et al. A new secure password authenticated key agreement scheme for SIP using self-certified public keys on elliptic curves , 2010, Comput. Commun..

[2] Ernest Foo,et al. A new authentication mechanism and key agreement protocol for SIP using identity-based cryptography , 2006 .

[3] Jia Lun Tsai. Efficient Nonce-based Authentication Scheme for Session Initiation Protocol , 2009, Int. J. Netw. Secur..

[4] Yuqing Zhang,et al. A new provably secure authentication and key agreement protocol for SIP using ECC , 2009, Comput. Stand. Interfaces.

[5] Wei-Kuan Shih,et al. A Secured Authentication Protocol for SIP Using Elliptic Curves Cryptography , 2010, FGIT-FGCN.

[6] Yuqing Zhang,et al. A new provably secure authentication and key agreement mechanism for SIP using certificateless public-key cryptography , 2008, Comput. Commun..

[7] Ibrahim Sogukpinar,et al. SIP Authentication Scheme using ECDH , 2007 .

[8] Chou Chen Yang,et al. Secure authentication scheme for session initiation protocol , 2005, Comput. Secur..

[9] Lawrence C. Stewart,et al. HTTP Authentication: Basic and Digest Access Authentication , 1999 .

[10] Yong-Nyuo Shin,et al. Robust Mutual Authentication with a Key Agreement Scheme for the Session Initiation Protocol , 2010 .