Cryptanalysis and improvement of a robust smart card secured authentication scheme on SIP using elliptic curve cryptography

Multimedia Tools and Applications

Volumn 75, Issue 8, 2016, Pages 4485-4504

  Farash, Mohammad Sabzinejad ^a   Kumari, Saru ^b   Bakhtiari, Majid ^c  

^a KHARAZMI UNIVERSITY   (Iran)

^b AGRA COLLEGE   (India)

^c UNIVERSITI TEKNOLOGI MALAYSIA   (Malaysia)

Author keywords

Authentication scheme; Elliptic curve cryptography; Random oracle model; Session initiation protocol

Indexed keywords

AUTHENTICATION; CRYPTOGRAPHY; GEOMETRY; INTERNET TELEPHONY; PUBLIC KEY CRYPTOGRAPHY; SMART CARDS; TRANSPORTATION; VOICE/DATA COMMUNICATION SYSTEMS;

AUTHENTICATION SCHEME; ELLIPTIC CURVE CRYPTOGRAPHY; ELLIPTIC CURVE CRYPTOGRAPHY(ECC); OFFLINE PASSWORD GUESSING ATTACK; RANDOM ORACLE MODEL; SESSION INITIATION PROTOCOL; SESSION INITIATION PROTOCOLS; USER IMPERSONATION ATTACKS;

INTERNET PROTOCOLS;

EID: 84923012240     PISSN: 13807501     EISSN: 15737721     Source Type: Journal    
DOI: 10.1007/s11042-015-2487-7     Document Type: Article

References (42)

1. Abdalla M, Pointcheval D Interactive Diffie-Hellman assumptions with Applications to Password-based Authentication. In: Proceedings of FC’05, LNCS 3570, 2005, pp 341–356
2. Arshad H, Nikooghadam M (2014) An efficient and secure authentication and key agreement scheme for session initiation protocol using ECC. Multimedia Tools and Applications. doi:10.1007/s11042-014-2282-x
3. Arshad R, Ikram N (2013) Elliptic curve cryptography based mutual authentication scheme for session initiation protocol. Multimed Tools Appl 66(2):165–178
4. Bayat M, Farash MS, Movahed A (2010) A Novel Secure Bilinear Pairing Based Remote User Authentication Scheme with Smart Card. In: IEEE/IFIP International Conference on Embedded and Ubiquitous Computing (EUC), pp 578–582
5. Chen TH, Yeh HL, Liu PC, Hsiang HC, Shih WK (2010) A secured authentication protocol for SIP using elliptic curves cryptography. In: CCIS, vol 119. Springer, pp 46–55
6. Das AK, Goswami A (2013) A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. J Med Syst. doi:10.1007/s10916-013-9948-1
7. Farash MS, Attari MA (2014) An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps. Nonlinear Dyn 77(1-2):399–411
8. Farash MS, Bayat M, Attari MA (2011) Vulnerability of two multiple-key agreement protocols. Comput Electr Eng 37(2):199–204
9. Farash MS, Attari MA (2012) An id-based key agreement protocol based on ECC among users of separate networks. In: 9th International ISC Conference on Information Security and Cryptology (ISCISC’12), pp 32–37
10. Farash MS, Attari MA (2014) A Pairing-free ID-based Key Agreement Protocol with Different PKGs. International journal of Network Security 16(2):143–148
11. Farash MS, Attari MA (2014) An Enhanced and Secure Three-Party Password-based Authenticated Key Exchange Protocol without Using Server’s Public-Keys and Symmetric Cryptosystems. Information Technology And Control 43(2):143–150
12. Farash MS, Attari MA (2014) Cryptanalysis and improvement of a chaotic maps-based key agreement protocol using Chebyshev sequence membership testing. Nonlinear Dyn 76(2):1203–1213
13. Farash MS, Attari MA, Atani RE, Jami M (2013) A new efficient authenticated multiple-key exchange protocol from bilinear pairings. Comput Electr Eng 39(2):530–541
14. Farash MS, Attari MA (2013) Provably secure and efficient identity-based key agreement protocol for independent PKGs using ECC. ISC Int J Inf Secur 5(1):18–43
15. Farash MS, Attari MA, Bayat M (2012) A certificateless multiple-key agreement protocol without hash functions based on bilinear pairings. International Journal of Engineering and Technology 4(3):321–325
16. Farash MS (2014) Cryptanalysis and improvement of an efficient mutual authentication RFID scheme based on elliptic curve cryptography. J Supercomput. doi:10.1007/s11227-014-1272-0
17. Farash MS, Attari MA (2014) An efficient client-client password-based authentication scheme with provable security. J Supercomput. doi:10.1007/s11227-014-1273-z
18. Farash MS, Attari MA (2014) A secure and efficient identity-based authenticated key exchange protocol for mobile client-server networks. J Supercomput 69(1):395–411
19. Farash MS, Attari MA (2014) A provably secure and efficient authentication scheme for access control in mobile pay-TV systems. Multimed Tools Appl. doi:10.1007/s11042-014-2296-4
20. Farash MS, Attari MA, Kumari S (2014) Cryptanalysis and improvement of a three-party password based authenticated key exchange protocol with user anonymity using extended chaotic maps. Int J Commun Syst. doi:10.1002/dac.2912
21. Farash MS (2014) Cryptanalysis and improvement of “an improved authentication with key agreement scheme on elliptic curve cryptosystem for global mobility networks”. Int J Netw Manag 25(1):31–51
22. Farash MS, Islam SH, Obaidat MS (2015) A provably secure and efficient two-party password-based explicit authenticated key exchange protocol resistance to password guessing attacks. Concurrency and Computation: Practice & Experience. doi:10.1002/cpe.3477
23. Farash MS, Attari MA (2013) An Enhanced Authenticated Key Agreement for Session Initiation Protocol. Information Technology and Control 42(4):333–342
24. Farash MS, Attari MA (2014) An anonymous and untraceable password-based authentication scheme for session initiation protocol using smart cards. Int J Commun Syst. doi:10.1002/dac.2848
25. Farash MS, Attari MA (2014) An improved password-based authentication scheme for session initiation protocol using smart cards without verification table. Int J Commun Syst. doi:10.1002/dac.2879
26. Farash MS (2014) Security analysis and enhancements of an improved authentication for session initiation protocol with provable security. Peer-to-Peer Networking and Applications. doi: 10.1007/s12083-014-0315-x
27. Irshad A, Sher M, Rehman E, Ashraf Ch S, Hassan MU, Ghani A (2013) A single round-trip SIP authentication scheme for Voice over Internet Protocol using smart card. Multimed Tools Appl. doi:10.1007/s11042-013-1807-z
28. Jiang Q, Ma J, Tian Y (2014) Cryptanalysis of smartcardbased password authenticated key agreement protocol for session initiation protocol of Zhang et al. Int J Commun Syst. 10.1002/dac.2767
29. Kocher P, Jaffe J, Jun B (1999) Differential power analysis. Advances in Cryptology. CRYPTO99 1666:788–797
30. Lee YC (2013) Weakness and Improvement of the Smart Card Based Remote User Authentication Scheme with Anonymity. J Inf Sci Eng 29(6):1121–1134
31. Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552
32. Tsai JL (2009) Efficient nonce-based authentication scheme for session initiation protocol. Int J Netw Secur 8(3):312–316
33. Tang H, Liu X (2013) Cryptanalysis of Arshad et al.’s ECC-based mutual authentication scheme for session initiation protocol. Multimed Tools Appl 65(3):321–333
34. Tu H, Kumar N, Chilamkurti N, Rho S (2014) An improved authentication protocol for session initiation protocol using smart card. Peer-to-Peer Netw Appl. doi:10.1007/s12083-014-0248-4
35. Wu S, Zhu Y, Pu Q (2012) Robust smartcardsbased user authentication scheme with user anonymity. Security and Communication Networks 5(2):236–248
36. Wang Y (2012) Password protected smart card and memory stick authentication against off-line dictionary attacks. In: Proceedings of 27th IFIP TC 11 Information Security and Privacy Conference (SEC 2012). Springer, Heraklion, pp 489–500
37. Xie Q (2012) A new authenticated key agreement for session initiation protocol. Int J Commun Syst 25(1):47–54
38. Yoon EJ, Yoo KY A new authentication scheme for session initiation protocol, in 2009 International Conference on Complex, In: Intelligent and Software Intensive Systems, CISIS 2009, pp 549–554
39. Yoon E, Shin Y, Jeon I, Yoo K (2010) Robust mutual authentication with a key agreement scheme for the session initiation protocol. IETE Techn Rev 27 (3):203–213
40. Yeh HL, Chen TH, Shih WK (2014) Robust smart card secured authentication scheme on SIP using Elliptic Curve Cryptography. Computer Standards & Interfaces 36 (2):397–402
41. Zhang L, Tang S, Cai Z (2013) Efficient and flexible password authenticated key agreement for Voice over Internet Protocol Session Initiation Protocol using smart card. Int J Commun Syst. doi:10.1002/dac.2499
42. Zhang L, Tang S, Cai Z (2014) Cryptanalysis and improvement of password authenticated key agreement for session initiation protocol using smart cards. Secur Comm Networks. doi:10.1002/sec.951