Abstract
Session Initiation Protocol (SIP) is the most widely used signalling protocol for controlling communication, establishing, maintaining, and terminating sessions on the Internet. However, since sensitive information is often transmitted through open channels, a security authentication scheme is essential. Recently, Islam et al. proposed an authentication scheme for SIP, and argued that the scheme is immune to known attacks. However, we discover that their scheme fails to achieve user anonymity, and it cannot even resist impersonation attack. Therefore, this study proposes an enhanced mutual authentication scheme to eliminate the drawbacks of the scheme proposed by Islam et al. In addition, our proposed scheme is based on extended chaotic map, which avoids computationally expensive elliptic curve point multiplication. Then, we use Burrows-Abadi-Needham logic to prove that the proposed scheme achieves secure mutual authentication, and we use the Real-Or-Random model to analyze the formal security verification of the session key. Finally, we compare the performance and the security features of the proposed scheme with some existing schemes. Therefore, we provide better safety and efficiency than related schemes and the proposed scheme is suitable for SIP.
Highlights
Due to the rapid development of Internet technology, a large number of people are communicating through the Internet
Session Initiation Protocol (SIP) is a multimedia communication protocol developed by the Internet Engineering Task Force (IETF) [1]
The result shows that their scheme fails to protect user anonymity, and it cannot resist the impersonation attack
Summary
Due to the rapid development of Internet technology, a large number of people are communicating through the Internet. In [19], Islam et al proposed a three-factor SIP for multimedia big data communication They stated that their scheme is robust and flexible to resist existing security issues. (6) Remote server not knowing password and biometrics: When designing a robust authentication scheme, the security research community recommended that the remote server should not contain any information about user passwords and biometrics If this requirement is not met, the privileged person of the remote server can disguise the user by accessing another application server, where the user has registered himself with the same login credentials. We put forward a new secure and efficient remote authentication scheme for SIP that uses the extended chaotic map, user biometrics, password, and smart- card simultaneously.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
