A Design Principle for Hash Functions
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Survey of security vulnerabilities in session initiation protocol
IEEE Communications Surveys & Tutorials
New directions in cryptography
IEEE Transactions on Information Theory
SIP security issues: the SIP authentication procedure and its processing load
IEEE Network: The Magazine of Global Internetworking
Multimedia Tools and Applications
| Hi-index | 0.00 |
The Session Initiation Protocol (SIP) is the most widely used signaling protocol for controlling communication on the internet, establishing, maintaining, and terminating the sessions. The services that are enabled by SIP are equally applicable in the world of multimedia communication. Recently, Tsai proposed an efficient nonce-based authentication scheme for SIP. In this paper, we do a cryptanalysis of Tsai's scheme and show that Tsai's scheme is vulnerable to the password guessing attack and stolen-verifier attack. Furthermore, Tsai's scheme does not provide known-key secrecy and perfect forward secrecy. We also propose a novel and secure mutual authentication scheme based on elliptic curve discrete logarithm problem for SIP which is immune to the presented attacks.