Session Initiation Protocol (SIP) is the most widely used signalling protocol for controlling communication, establishing, maintaining, and terminating sessions on the Internet. However, since sensitive information is often transmitted through open channels, a security authentication scheme is essential. Recently, Islam et al. proposed an authentication scheme for SIP, and argued that the scheme is immune to known attacks. However, we discover that their scheme fails to achieve user anonymity, and it cannot even resist impersonation attack. Therefore, this study proposes an enhanced mutual authentication scheme to eliminate the drawbacks of the scheme proposed by Islam et al. In addition, our proposed scheme is based on extended chaotic map, which avoids computationally expensive elliptic curve point multiplication. Then, we use Burrows-Abadi-Needham logic to prove that the proposed scheme achieves secure mutual authentication, and we use the Real-Or-Random model to analyze the formal security verification of the session key. Finally, we compare the performance and the security features of the proposed scheme with some existing schemes. Therefore, we provide better safety and efficiency than related schemes and the proposed scheme is suitable for SIP.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.