A secure and robust elliptic curve cryptography‐based mutual authentication scheme for session initiation protocol

Abstract

AbstractSession initiation protocol (SIP) is known as multimedia communication protocol based on IP, which is leveraged to provide signaling as well as instant messaging services. Since SIP services are widely used by Internet users, an important challenge is to supply mutual authentication between the SIP server and the user. Recently, Qui et al have presented an authentication and key agreement protocol for SIP and mentioned that their protocol is efficient and secure. In this article, we demonstrate that the protocol proposed by Qui et al is not able to provide mutual authentication and is prone to various attacks including Denning‐Sacco and denial of service attacks. We then propose a secure and efficient two‐factor authentication and key agreement protocol for SIP using elliptic curve cryptography (ECC). We analyze the security of the proposed scheme and show that it is able to satisfy various security features and resist different types of attacks. We also compare the computation and communication costs of the proposed scheme with other related authentication schemes and demonstrate that the proposed scheme outperforms other known ECC‐based methods in achieving low computation and communication costs as well as resisting against all known attacks.