Abstract | ||
---|---|---|
Sessioninitiation protocol (SIP) reformed the controlling routine of voice over Internet Protocol based communication over public channels. SIP is inherently insecure because of underlying open text architecture. A number of solutions are proposed to boost SIP security. Very recently Farash (Peer to Peer Netw. Appl. 1–10, ) proposed an enhanced protocol to improve the security of Tu et al.’s protocol (Peer to Peer Netw. Appl. 1–8, ). Further, Farash claimed his protocol to be secure against all known attacks. However, in this paper we show that Farash’s protocol is insecure against impersonation attack, password guessing attack, lacks user anonymity and is vulnerable to session-specific temporary information attack. Further, we have proposed an upgraded protocol to enhance the security. The security and performance analysis shows that the proposed protocol reduced one point multiplication as compared with Farash’s protocol, while resisting all known attacks. We have proved the security of proposed protocol using automated tool ProVerif. |
Year | DOI | Venue |
---|---|---|
2017 | 10.1007/s12083-015-0409-0 | Peer-to-Peer Networking and Applications |
Keywords | Field | DocType |
Authentication,Security,Anonymity and privacy,Impersonation attack,Provable security,ProVerif | Wide Mouth Frog protocol,Challenge-Handshake Authentication Protocol,Cryptographic protocol,Computer science,Computer security,Oakley protocol,Computer network,Otway–Rees protocol,Session Initiation Protocol,Authentication protocol,Reflection attack | Journal |
Volume | Issue | ISSN |
10 | 1 | 1936-6442 |
Citations | PageRank | References |
20 | 0.62 | 35 |
Authors | ||
6 |
Name | Order | Citations | PageRank |
---|---|---|---|
Saru Kumari | 1 | 1747 | 98.86 |
Shehzad Ashraf Chaudhry | 2 | 420 | 28.94 |
Wu Fan | 3 | 1731 | 192.15 |
Xiong Li | 4 | 1619 | 83.80 |
Mohammad Sabzinejad Farash | 5 | 532 | 22.07 |
Muhammad Khurram Khan | 6 | 3538 | 204.81 |