Premium
Cryptanalysis and improvement of 2 mutual authentication schemes for Session Initiation Protocol
Author(s) -
Qiu Shuming,
Xu Guoai,
Guo Yanhui,
Zhang Miao
Publication year - 2018
Publication title -
international journal of communication systems
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.344
H-Index - 49
eISSN - 1099-1131
pISSN - 1074-5351
DOI - 10.1002/dac.3568
Subject(s) - computer science , mutual authentication , cryptanalysis , computer security , authentication protocol , session key , security analysis , session (web analytics) , replay attack , authentication (law) , scheme (mathematics) , challenge–response authentication , password , protocol (science) , computer network , cryptography , encryption , mathematics , medicine , mathematical analysis , alternative medicine , pathology , world wide web
Summary Recently, Chaudhry et al and Kumari et al proposed an advanced mutual authentication protocol for Session Initiation Protocol on the basis of the protocol of Lu et al. The authors claimed that their schemes can be resistant to various attacks. Unfortunately, we observe some important flaws in their respective schemes. We point out that their schemes are prone to off‐line password guessing and privileged insider attacks. To remedy their protocols's drawbacks, in this paper, we present a new improved authentication scheme keeping apart the threats encountered in the design of the schemes of Chaudhry et al and Kumari et al. Furthermore, the security analysis illustrates that our proposed scheme not only removes these drawbacks in their schemes but also can resist all known attacks and provide session key security. We give a heuristic security analysis and also provide the security analysis of the proposed scheme with the help of widespread Burrows‐Abadi‐Needham Logic. Finally, our scheme is compared with the previously proposed schemes on security and performance.