A novel mutual authentication scheme for session initiation protocol based on elliptic curve cryptography

R. Arshad; N. Ikram

A novel mutual authentication scheme for session initiation protocol based on elliptic curve cryptography

Research output: Contribution to conference › Paper › peer-review

Abstract

The session initiation protocol (SIP) is the most widely used signaling protocol for controlling communication on the internet, establishing, maintaining, and terminating the sessions. The services that are enabled by SIP are equally applicable in the world of wireless communication. Recently, Tsai proposed an efficient nonce-based authentication scheme for SIP. In this paper, we do a cryptanalysis of Tsai's scheme and show that Tsai's scheme is vulnerable to the password guessing attack and stolen-verifier attack. Furthermore, Tsai's scheme does not provide known-key secrecy and perfect forward secrecy. We also propose a novel and secure mutual authentication scheme based on elliptic curve discrete logarithm problem for SIP which is immune to the presented attacks.

Original language	English
Publication status	Published - Feb 2011
Event	13th International Conference on Advanced Communication Technology (ICACT2011) - Gangwon, Korea Duration: 13 Feb 2011 → 16 Feb 2011

Conference

Conference	13th International Conference on Advanced Communication Technology (ICACT2011)
Period	13/02/11 → 16/02/11

Bibliographical note

Organising Body: Electronics and Telecommunications Research Institute (ETRI) National Information Society Agency (NIA) Global IT Research Institute (GIRI)

Keywords

Computer science and informatics

Cite this

@conference{6658ce6ded344188b154a144972325c3,

title = "A novel mutual authentication scheme for session initiation protocol based on elliptic curve cryptography",

abstract = "The session initiation protocol (SIP) is the most widely used signaling protocol for controlling communication on the internet, establishing, maintaining, and terminating the sessions. The services that are enabled by SIP are equally applicable in the world of wireless communication. Recently, Tsai proposed an efficient nonce-based authentication scheme for SIP. In this paper, we do a cryptanalysis of Tsai's scheme and show that Tsai's scheme is vulnerable to the password guessing attack and stolen-verifier attack. Furthermore, Tsai's scheme does not provide known-key secrecy and perfect forward secrecy. We also propose a novel and secure mutual authentication scheme based on elliptic curve discrete logarithm problem for SIP which is immune to the presented attacks.",

keywords = "Computer science and informatics",

author = "R. Arshad and N. Ikram",

note = "Organising Body: Electronics and Telecommunications Research Institute (ETRI) National Information Society Agency (NIA) Global IT Research Institute (GIRI); 13th International Conference on Advanced Communication Technology (ICACT2011) ; Conference date: 13-02-2011 Through 16-02-2011",

year = "2011",

month = feb,

language = "English",

}

TY - CONF

T1 - A novel mutual authentication scheme for session initiation protocol based on elliptic curve cryptography

AU - Arshad, R.

AU - Ikram, N.

N1 - Organising Body: Electronics and Telecommunications Research Institute (ETRI) National Information Society Agency (NIA) Global IT Research Institute (GIRI)

PY - 2011/2

Y1 - 2011/2

N2 - The session initiation protocol (SIP) is the most widely used signaling protocol for controlling communication on the internet, establishing, maintaining, and terminating the sessions. The services that are enabled by SIP are equally applicable in the world of wireless communication. Recently, Tsai proposed an efficient nonce-based authentication scheme for SIP. In this paper, we do a cryptanalysis of Tsai's scheme and show that Tsai's scheme is vulnerable to the password guessing attack and stolen-verifier attack. Furthermore, Tsai's scheme does not provide known-key secrecy and perfect forward secrecy. We also propose a novel and secure mutual authentication scheme based on elliptic curve discrete logarithm problem for SIP which is immune to the presented attacks.

AB - The session initiation protocol (SIP) is the most widely used signaling protocol for controlling communication on the internet, establishing, maintaining, and terminating the sessions. The services that are enabled by SIP are equally applicable in the world of wireless communication. Recently, Tsai proposed an efficient nonce-based authentication scheme for SIP. In this paper, we do a cryptanalysis of Tsai's scheme and show that Tsai's scheme is vulnerable to the password guessing attack and stolen-verifier attack. Furthermore, Tsai's scheme does not provide known-key secrecy and perfect forward secrecy. We also propose a novel and secure mutual authentication scheme based on elliptic curve discrete logarithm problem for SIP which is immune to the presented attacks.

KW - Computer science and informatics

M3 - Paper

T2 - 13th International Conference on Advanced Communication Technology (ICACT2011)

Y2 - 13 February 2011 through 16 February 2011

ER -

A novel mutual authentication scheme for session initiation protocol based on elliptic curve cryptography

Abstract

Conference

Bibliographical note

Keywords

Fingerprint

Cite this