Abstract
Authentication is the most security service required by Session Initiation Protocol (SIP). In recently years, Zhang et al. proposed for the first time an efficient and flexible authentication protocol for SIP using smart card and Elliptic Curve Cryptography. But, in 2014, Zhang et al. showed that their latest proposed protocol is vulnerable to impersonation attack. In order to improve their protocol, Zhang et al. proposed a second protocol. However, in this work we demonstrate that Zhang et al.’s protocol is vulnerable to server spoofing attack. Furthermore to overcome the weakness of Zhang et al.’s protocol we propose an improved and secured SIP authentication and key exchange protocol. The security analysis shows that our proposed protocol can resist to various attack including server spoofing attack.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
