SESSION INITIATION PROTOCOL PASSWORD
proved that Yang et al.’s scheme cannot resist the stolen-verifier, the off-line password guessing and the Denning-Sacco attacks, and is not suitable for power constraint devices because of the high computational cost. presented an new scheme to cope with the aforementioned issue in. cannot resist the off-line password guessing attack and the server impersonation attack. pointed out that the scheme of Franks et al. The first authentication scheme for SIP based on hyper text transfer protocol (HTTP) digest authentication can be traced back to 1999 proposed by Franks et al. Up to now, SIP has gained the attention of extensive scholastic community. The Session Initiation Protocol (SIP) is an important and popular communications protocol for signaling and controlling multimedia communication sessions in applications including Internet telephony for voice and video calls, private IP telephone systems, as well as instant messaging over Internet Protocol (IP) networks. The funders had no role in study design, data collection and analysis, decision to publish, or preparation of the manuscript.Ĭompeting interests: The authors have declared that no competing interests exist.
2017YFB0801901) to GX and National Key Research and Development Program of China (Grant no. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.ĭata Availability: All relevant data are within the paper and its Supporting Information files.įunding: This research is supported by the National Key Research and Development Plan (Grant No. Received: DecemAccepted: FebruPublished: March 16, 2018Ĭopyright: © 2018 Qiu et al. At last, comparing with the earlier proposals in terms of security and efficiency, we conclude that the proposed protocol is efficient and more secure.Ĭitation: Qiu S, Xu G, Ahmad H, Guo Y (2018) An enhanced password authentication scheme for session initiation protocol with perfect forward secrecy. We also provide the security analysis of the proposed scheme with the help of widespread AVISPA (Automated Validation of Internet Security Protocols and Applications) software. We prove that the proposed protocol not only overcomes the issues in Farash’s scheme, but it can also resist against all known attacks. To overcome these limitations, in this paper we present an enhanced authentication mechanism based on Kumari et al.’s scheme. We point out that Farash’s protocol is prone to key-compromise impersonation attack and is unable to provide pre-verification in the smart card, efficient password change and perfect forward secrecy. But, we observe some accountable flaws in Farash’s protocol. Farash claimed that his protocol is resistant against various known attacks.
proposed an improved smart card based authentication scheme for SIP based on Farash’s scheme. The Session Initiation Protocol (SIP) is an extensive and esteemed communication protocol employed to regulate signaling as well as for controlling multimedia communication sessions.
0 kommentar(er)
