An Improved SIP Authenticated Key Agreement Based on Dongqing et al.


Ul Hassan M., Chaudhry S. A., Irshad A.

Wireless Personal Communications, vol.110, no.4, pp.2087-2107, 2020 (SCI-Expanded) identifier

  • Publication Type: Article / Article
  • Volume: 110 Issue: 4
  • Publication Date: 2020
  • Doi Number: 10.1007/s11277-019-06831-y
  • Journal Name: Wireless Personal Communications
  • Journal Indexes: Science Citation Index Expanded (SCI-EXPANDED), Scopus, PASCAL, Applied Science & Technology Source, Communication Abstracts, Compendex, Computer & Applied Sciences, INSPEC
  • Page Numbers: pp.2087-2107
  • Keywords: Attacks, Authentication, Cryptanalysis, Cryptography, Internet multimedia subsystem, Session initiation protocol
  • Istanbul Gelisim University Affiliated: Yes

Abstract

© 2020, Springer Science+Business Media, LLC, part of Springer Nature.The IP multimedia subsystem represents an architectural framework to support multimedia-based services using internet protocol over wired and wireless media. These IP-based multimedia services rely on session initiation protocol (SIP) for creating, maintaining and terminating the communicative sessions, which underscores the efficiency and security of SIP protocol. Many SIP based authentication schemes have been put forward in the last decade, however with many limitations. Recently, Lu et al. and Chaudhary et al. presented SIP based authentication protocols. Then, Dongqing et al. discovered limitations in Lu et al. and Chaudhary et al. schemes, and presented an improved SIP authentication protocol. Nonetheless, we ascertain that Dongqing et al.’s protocol is prone to privileged insider attack, denial of service attack, and session specific ephemeral secret-leakage attack. Besides, this protocol assumes a strictly time synchronized system, which limits the practical effectiveness of the protocol for a real environment. We also propose an improved SIP authentication protocol that covers the limitations of Dongqing et al. protocol. Our scheme is formally proved as secure using BAN logic analysis. The performance analysis illustrates the comparison for related schemes with proposed scheme, which depicts the efficiency and robustness of the scheme over previous schemes.