Applied Sciences (Oct 2018)

A Robust Mutual Authentication with a Key Agreement Scheme for Session Initiation Protocol

  • Chien-Ming Chen,
  • Bin Xiang,
  • King-Hang Wang,
  • Kuo-Hui Yeh,
  • Tsu-Yang Wu

DOI
https://doi.org/10.3390/app8101789
Journal volume & issue
Vol. 8, no. 10
p. 1789

Abstract

Read online

Session initiation protocol (SIP) is the most widely used application layer control protocol for creating, modifying, and terminating session processes. Many authentication schemes have been proposed for SIP aimed at providing secure communication. Recently, a new authentication and key agreement scheme for SIP has been proposed, and it was claimed that it could resist a variety of attacks. However, in this paper, we show that this scheme is vulnerable to an offline password guessing attack and a stolen memory device attack. Furthermore, we show that it lacks the verification mechanism for a wrong password, and that the password updating process is not efficient. To mitigate the flaws and inefficiencies of this scheme, we design a new robust mutual authentication with a key agreement scheme for SIP. A security analysis revealed that our proposed scheme was robust to several kinds of attacks. In addition, the proposed scheme was simulated by the automatic cryptographic protocol tool ProVerif. A performance analysis showed that our proposed scheme was superior to other related schemes.

Keywords