Paper Info
Title
Cryptanalysis and improvement of password-authenticated key agreement for session initiation protocol using smart cards.
Abstract
Session Initiation Protocol (SIP) is one of the most commonly used protocols for handling sessions for over Internet Protocol based communications, and the security of SIP is becoming increasingly important. Recently, Zhang et al. proposed a password-authenticated key agreement protocol for SIP by using smart cards to protect the VoIP communications between users. Their protocol provided some unique features, such as mutual authentication, no password table needed, and password updating freely. In this study, we performed cryptanalysis of Zhang et al.'s protocol and found that their protocol was vulnerable to the impersonation attack although the protocol could withstand several other attacks. A malicious attacker could compute other users' privacy keys and then impersonated the users to cheat the SIP server. Furthermore, we proposed an improved password-authentication key agreement protocol for SIP, which overcame the weakness of Zhang et al.'s protocol and was more suitable for Voice over Internet Protocol communications. Copyright (c) 2014 John Wiley & Sons, Ltd.
Year
DOI
Venue
2014
10.1002/sec.951
SECURITY AND COMMUNICATION NETWORKS
Keywords
Field
DocType
authentication,key agreement,session initiation protocol,elliptic curve
Wide Mouth Frog protocol,User Datagram Protocol,Computer science,Oakley protocol,Computer security,Computer network,Otway–Rees protocol,Internet protocol suite,Session Initiation Protocol,Authentication protocol,Internet Protocol Control Protocol
Journal
Volume
Issue
ISSN
7
12
1939-0114
Citations 
PageRank 
References 
8
0.46
11
Authors
3
Name
Order
Citations
PageRank
Liping Zhang11086.04
Shanyu Tang221317.47
Zhihua Cai31823104.75