Security analysis and enhancements of an improved authentication for session initiation protocol with provable security

被引:54
|
作者
Farash, Mohammad Sabzinejad [1 ]
机构
[1] Kharazmi Univ, Fac Math Sci & Comp, Tehran, Iran
来源
PEER-TO-PEER NETWORKING AND APPLICATIONS | 2016年 / 9卷 / 01期
关键词
Password-based protocol; Elliptic curve; Session initiation protocol; Smart card; Random oracle model; KEY EXCHANGE PROTOCOL; IPV4-IPV6; TRANSLATION; MUTUAL AUTHENTICATION; AGREEMENT PROTOCOL; SCHEME; EFFICIENT; CRYPTANALYSIS; MECHANISM;
D O I
10.1007/s12083-014-0315-x
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Very recently, Tu et al. proposed an authentication scheme for session initiation protocol using smart card to overcome the security flaws of Zhang et al.'s protocol. They claimed that their protocol is secure against known security attacks. However, in this paper, we indicate that Tu et al.'s protocol is insecure against impersonation attack. We show that an adversary can easily masquerade as a legal server to fool users. As a remedy, we also improve Tu et al.'s protocol without imposing extra computation cost. To show the security of our protocol, we prove its security in the random oracle model.
引用
下载
收藏
页码:82 / 91
页数:10
相关论文
共 50 条
  • [1] Security analysis and enhancements of an improved authentication for session initiation protocol with provable security
    Mohammad Sabzinejad Farash
    Peer-to-Peer Networking and Applications, 2016, 9 : 82 - 91
  • [2] New provable security fast authentication protocol
    Zhu, Hui
    Li, Hui
    Pang, Liao-Jun
    Wang, Yu-Min
    Dianzi Keji Daxue Xuebao/Journal of the University of Electronic Science and Technology of China, 2009, 38 (01): : 55 - 58
  • [3] Security in session initiation protocol
    Yuan, HC
    Jiang, LL
    Ma, J
    ICCC2004: Proceedings of the 16th International Conference on Computer Communication Vol 1and 2, 2004, : 1622 - 1626
  • [4] Security Weakness in a Provable Secure Authentication Protocol Given Forward Secure Session Key
    Kim, Mijin
    Jo, Heasuk
    Kim, Seungjoo
    Won, Dongho
    COMPUTATIONAL SCIENCE AND ITS APPLICATIONS - ICCSA 2009, PT II, 2009, 5593 : 204 - 211
  • [5] Security analysis and improvement of two authentication and key agreement schemes for session initiation protocol
    Hamed Arshad
    Morteza Nikooghadam
    The Journal of Supercomputing, 2015, 71 : 3163 - 3180
  • [6] Security analysis and improvement of two authentication and key agreement schemes for session initiation protocol
    Arshad, Hamed
    Nikooghadam, Morteza
    JOURNAL OF SUPERCOMPUTING, 2015, 71 (08): : 3163 - 3180
  • [7] Generic Security Services API authentication support for the Session Initiation Protocol
    Strand, Lars
    Noll, Josef
    Leister, Wolfgang
    PROCEEDINGS OF THE SEVENTH ADVANCED INTERNATIONAL CONFERENCE ON TELECOMMUNICATIONS (AICT 2011), 2011, : 117 - 122
  • [8] Security protocol analysis with improved authentication tests
    Li, Xiehua
    Yang, Shutang
    Li, Jianhua
    Zhu, Hongwen
    INFORMATION SECURITY PRACTICE AND EXPERIENCE, PROCEEDINGS, 2006, 3903 : 123 - 133
  • [9] An Efficient Authentication Key Agreement Protocol with Provable Security for VANET
    Qiao Z.-R.
    Yang Q.-L.
    Zhou Y.-W.
    Yang B.
    Gu C.-X.
    Zhang M.-W.
    Xia Z.
    Jisuanji Xuebao/Chinese Journal of Computers, 2023, 46 (05): : 929 - 944
  • [10] Evaluation of security protocols for the session initiation protocol
    Cha, Eun-Chul
    Choi, Hyoung-Kee
    Cho, Sung-Jae
    PROCEEDINGS - 16TH INTERNATIONAL CONFERENCE ON COMPUTER COMMUNICATIONS AND NETWORKS, VOLS 1-3, 2007, : 611 - 616
12345