Multimedia Tools and Applications
Robust smart card secured authentication scheme on SIP using Elliptic Curve Cryptography
Computer Standards & Interfaces
| Hi-index | 0.00 |
Session Initiation Protocol (SIP) is widely used in the current Internet protocols such as Hyper Text Transport Protocol (HTTP) and Simple Mail Transport Protocol (SMTP). In 2005,andproposed an authentication scheme using Elliptic Curve Diffie-Hellman (ECDH) problem for SIP called DS-SIP. However, this paper demonstrates that DS-SIP authentication scheme is still vulnerable to Denning-Sacco attack which an attacker can easily find a legal user's secret password when SIP client or SIP server compromises an old shared session key. In addition, we show that it can not resist the stolen-verifier attack where if an attacker has the ability to get the stored password verifier someway then it can be used to masquerade as the original user. In addition, this paper also proposes an enhanced DS-SIP (called EDS-SIP) authentication scheme based on ECDH in order to overcome such a security problem. As a result, the proposed EDS-SIP authentication scheme is more secure and has same efficient compare with Durlanik and Sogukpinar's DS-SIP authentication scheme.