An Enhanced Authenticated Key Agreement for Session Initiation Protocol
نویسندگان
چکیده
In 2012, Xie proposed an authentication scheme based on Elliptic Curve Cryptography (ECC) for Session Initiation Protocol (SIP). However, this paper demonstrates that the Xie's scheme is vulnerable to impersonation at-tack by which an active adversary can easily forge the server's identity. Based on this attack, we also show that the Xie's scheme is also defenceless to off-line password guessing attack. Therefore, we propose a more secure and efficient scheme, which does not only cover all the security flaws and weaknesses of related previous protocols, but also provides more functionalities. We also evaluate the proposed protocol by AVISPA (Automated Validation of Internet Security Protocols and Applications) tools and confirm its security attributes.
منابع مشابه
An improved authentication protocol for session initiation protocol using smart card
The authenticated key agreement protocol is an important security protocol for the session initiation protocol, which allows the and the server to authenticate each other and generate a shared session key for privacy, integrity, and non-repudiation in their communications. Recently, Zhang et al. proposed a new authenticated key agreement protocol for the session initiation protocol using smart ...
متن کاملAn Enhanced and Secure Protocol for Authenticated Key Exchange
An enhanced authentication key exchange protocol was proposed to exchange multiple session keys between two participants at a time. This paper shows that this enhanced protocol is insecure under the known session key attack, known long-term private key attack, signature forgery attack, and replay attack. This paper also proposes an enhanced and secure key agreement protocol for exchanging multi...
متن کاملWeakness in a Mutual Authentication Scheme for Session Initiation Protocol using Elliptic Curve Cryptography
The session initiation protocol (SIP) is a powerful signaling protocol that controls communication on the Internet, establishing, maintaining, and terminating the sessions. The services that are enabled by SIP are equally applicable in the world of mobile and ubiquitous computing. In 2009, Tsai proposed an authenticated key agreement scheme as an enhancement to SIP. Very recently, Arshad et al....
متن کاملEfficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks
At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent var...
متن کاملA Robust Authenticated Key Agreement Protocol
In this paper, we propose a robust authenticated key agreement protocol in which two communication parties exchange a secret session key and authenticate each other. The protocol can be considered as an improvement of simple authenticated key agreement algorithm (SAKA). However, our protocol is more significant in that it addresses the problem of the off-line password guessing attack.
متن کاملPairing-Based Two-Party Authenticated Key Agreement Protocol
To achieve secure data communications, two parties should be authenticated by each other and agree on a secret session key by exchanging messages over an insecure channel. In this paper, based on the bilinear pairing, we present a new two-party authenticated key agreement protocol, and use the techniques from provable security to examine the security of our protocol within Bellare-Rogaway model.
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- ITC
دوره 42 شماره
صفحات -
تاریخ انتشار 2013