Cryptanalysis and improvement of a robust smart card secured authentication scheme on SIP using elliptic curve cryptography
The session initiation protocol (SIP) has been receiving a lot of attention to provide security in the Voice over IP (VoIP) in Internet and mobility management. Recently, Yeh et al. proposed a smart card-based authentication scheme for SIP using elliptic curve cryptography (ECC). They claimed that t...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Published: |
Springer New York LLC
2016
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/69112/ http://dx.doi.org/10.1007/s11042-015-2487-7 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Teknologi Malaysia |
| id |
my.utm.69112 |
|---|---|
| record_format |
eprints |
| spelling |
my.utm.691122017-11-20T08:52:12Z http://eprints.utm.my/id/eprint/69112/ Cryptanalysis and improvement of a robust smart card secured authentication scheme on SIP using elliptic curve cryptography Farash, Mohammad Sabzinejad Kumari, Saru Bakhtiari, Majid QA75 Electronic computers. Computer science The session initiation protocol (SIP) has been receiving a lot of attention to provide security in the Voice over IP (VoIP) in Internet and mobility management. Recently, Yeh et al. proposed a smart card-based authentication scheme for SIP using elliptic curve cryptography (ECC). They claimed that their scheme is secure against known security attacks. However, in this paper, we indicate that Yeh et al.’s scheme is vulnerable to off-line password guessing attack, user impersonation attack and server impersonation attack, in the case that the smart card is stolen and the information stored in the smart card is disclosed. As a remedy, we also propose an improved smart card-based authentication scheme which not only conquers the security weaknesses of the related schemes but also provides a reduction in computational cost. The proposed scheme also provides the user anonymity and untraceability, and allows a user to change his/her password without informing the remote server. To show the security of our protocol, we prove its security the random oracle model. Springer New York LLC 2016 Article PeerReviewed Farash, Mohammad Sabzinejad and Kumari, Saru and Bakhtiari, Majid (2016) Cryptanalysis and improvement of a robust smart card secured authentication scheme on SIP using elliptic curve cryptography. Multimedia Tools and Applications, 75 (8). pp. 4485-4504. ISSN 1380-7501 http://dx.doi.org/10.1007/s11042-015-2487-7 DOI:10.1007/s11042-015-2487-7 |
| institution |
Universiti Teknologi Malaysia |
| building |
UTM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Malaysia |
| content_source |
UTM Institutional Repository |
| url_provider |
http://eprints.utm.my/ |
| topic |
QA75 Electronic computers. Computer science |
| spellingShingle |
QA75 Electronic computers. Computer science Farash, Mohammad Sabzinejad Kumari, Saru Bakhtiari, Majid Cryptanalysis and improvement of a robust smart card secured authentication scheme on SIP using elliptic curve cryptography |
| description |
The session initiation protocol (SIP) has been receiving a lot of attention to provide security in the Voice over IP (VoIP) in Internet and mobility management. Recently, Yeh et al. proposed a smart card-based authentication scheme for SIP using elliptic curve cryptography (ECC). They claimed that their scheme is secure against known security attacks. However, in this paper, we indicate that Yeh et al.’s scheme is vulnerable to off-line password guessing attack, user impersonation attack and server impersonation attack, in the case that the smart card is stolen and the information stored in the smart card is disclosed. As a remedy, we also propose an improved smart card-based authentication scheme which not only conquers the security weaknesses of the related schemes but also provides a reduction in computational cost. The proposed scheme also provides the user anonymity and untraceability, and allows a user to change his/her password without informing the remote server. To show the security of our protocol, we prove its security the random oracle model. |
| format |
Article |
| author |
Farash, Mohammad Sabzinejad Kumari, Saru Bakhtiari, Majid |
| author_facet |
Farash, Mohammad Sabzinejad Kumari, Saru Bakhtiari, Majid |
| author_sort |
Farash, Mohammad Sabzinejad |
| title |
Cryptanalysis and improvement of a robust smart card secured authentication scheme on SIP using elliptic curve cryptography |
| title_short |
Cryptanalysis and improvement of a robust smart card secured authentication scheme on SIP using elliptic curve cryptography |
| title_full |
Cryptanalysis and improvement of a robust smart card secured authentication scheme on SIP using elliptic curve cryptography |
| title_fullStr |
Cryptanalysis and improvement of a robust smart card secured authentication scheme on SIP using elliptic curve cryptography |
| title_full_unstemmed |
Cryptanalysis and improvement of a robust smart card secured authentication scheme on SIP using elliptic curve cryptography |
| title_sort |
cryptanalysis and improvement of a robust smart card secured authentication scheme on sip using elliptic curve cryptography |
| publisher |
Springer New York LLC |
| publishDate |
2016 |
| url |
http://eprints.utm.my/id/eprint/69112/ http://dx.doi.org/10.1007/s11042-015-2487-7 |
| _version_ |
1643656004791959552 |