Abstract
Many two-factor challenge-response based session initiation protocol (SIP) has been proposed, but most of them are vulnerable to smart card stolen attacks and password guessing attacks. In this paper, we propose a novel three-factor SIP authentication scheme using biometrics, password and smart card, and utilize the pi calculus-based formal verification tool ProVerif to prove that the proposed protocol achieves security and authentication. Furthermore, our protocol is highly efficient when compared to other related protocols.
Highlights
The session initiation protocol (SIP) is an application layer controlling protocol for creation, modification and termination of Voice over Internet Protocol (VoIP) sessions with one or more participants
SIP authentication scheme is derived from HTTP digest authentication (Franks et al 1999), which cannot resist server-spoofing attack and password guessing attack (Yang et al 2005)
Liu and Koenig pointed out that Yoon et al.’s SIP authentication scheme is still insecure against the off-line password guessing attack and the insider attack (Liu and Koenig 2011)
Summary
The session initiation protocol (SIP) is an application layer controlling protocol for creation, modification and termination of Voice over Internet Protocol (VoIP) sessions with one or more participants. Xie and Tang SpringerPlus (2016)5:1045 attack, off-line password guessing attack and stolen-verifier attack, and proposed a new SIP authentication scheme. Irshad et al (2014) demonstrated that Tang et al.’s scheme cannot resist the server impersonation attack if an adversary can obtain the user’s password, and they proposed an improved protocol using ECC.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
