Title | ||
---|---|---|
Cryptanalysis and improvement of password-authenticated key agreement for session initiation protocol using smart cards. |
Abstract | ||
---|---|---|
Session Initiation Protocol (SIP) is one of the most commonly used protocols for handling sessions for over Internet Protocol based communications, and the security of SIP is becoming increasingly important. Recently, Zhang et al. proposed a password-authenticated key agreement protocol for SIP by using smart cards to protect the VoIP communications between users. Their protocol provided some unique features, such as mutual authentication, no password table needed, and password updating freely. In this study, we performed cryptanalysis of Zhang et al.'s protocol and found that their protocol was vulnerable to the impersonation attack although the protocol could withstand several other attacks. A malicious attacker could compute other users' privacy keys and then impersonated the users to cheat the SIP server. Furthermore, we proposed an improved password-authentication key agreement protocol for SIP, which overcame the weakness of Zhang et al.'s protocol and was more suitable for Voice over Internet Protocol communications. Copyright (c) 2014 John Wiley & Sons, Ltd. |
Year | DOI | Venue |
---|---|---|
2014 | 10.1002/sec.951 | SECURITY AND COMMUNICATION NETWORKS |
Keywords | Field | DocType |
authentication,key agreement,session initiation protocol,elliptic curve | Wide Mouth Frog protocol,User Datagram Protocol,Computer science,Oakley protocol,Computer security,Computer network,Otway–Rees protocol,Internet protocol suite,Session Initiation Protocol,Authentication protocol,Internet Protocol Control Protocol | Journal |
Volume | Issue | ISSN |
7 | 12 | 1939-0114 |
Citations | PageRank | References |
8 | 0.46 | 11 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Liping Zhang | 1 | 108 | 6.04 |
Shanyu Tang | 2 | 213 | 17.47 |
Zhihua Cai | 3 | 1823 | 104.75 |