A New Authentication and Key Exchange Protocol for Session Initiation Protocol Using Smart Card

In today′s communications over Internet Protocol (IP), Session Initiation Protocol (SIP) is using establish, modify and terminate the sessions multimedia among participants. Authentication is the most security service required for SIP. Authentication HTTP Digest is the original authentication protocol proposed for SIP. However, this protocol is demonstrated insecure against different attacks. To improve the authentication, a different authentication protocols have being proposed. Very recently, Jiang et al. demonstrate that Zhang et al.’s scheme cannot resist to impersonation attack. Then, Jiang et al. proposed their protocol. However, in this paper we show that Jiang et al.’s protocol suffer from server spoofing attack. In order to overcome this problem we propose an improved SIP authentication protocol. The security analysis shows that the proposed protocol is more secure and can deal with several attacks.