An advanced elliptic curve cryptography based mutual authentication scheme for session initiation protocol

  • yanrong lu
  • lixiang Li
  • haipeng peng
  • yixian yang


Session Initiation Protocol (SIP) as the controlling protocol hasattracted much attention. SIP is one of the most widely used forsecuring and controlling communication over the Internet. Recently,Arshad et al. proposed an enhanced mutual authentication scheme forSIP based on Tasi's scheme. In this paper, we focus on the securityweaknesses in the Arshad et al.'s SIP authenticated scheme withElliptic Curve Cryptography. We found that the enhanced schemeproposed by Arshad et al. is insecure against internal andmasquerade attacks while it does not provide anonymity and updatepassword phase. We then propose an advanced scheme to remedy theflaws and maintain benefits of the original scheme at the cost of increasing thecomputation costs slightly. Through a carefully securityanalysis and BAN logic analysis of our scheme, we show that ourscheme is more secure than other related schemes.