An improved password‐based authentication scheme for session initiation protocol using smart cards without verification table

Farash, Mohammad Sabsinejad

doi:10.1002/dac.2879

Cited by 39 publications

(34 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There are so many researches about the performance aspects of SIP proxy servers. Because of SIP's popularity and rapidly growing deployments in the Internet Protocol (IP) networks, the SIP server overload [5][6][7][8][9][10][11][12], its security [1,2,[13][14][15][16] and session mobility [17][18][19] are the main challenges of the network. Mishra et al presents a cut-off priority queuing scheduling with a timeout method [5].…”

Section: Related Workmentioning

confidence: 99%

A load scheduler for SIP proxy servers: design, implementation and evaluation of a history weighted window approach

Montazerolghaem

Shekofteh

Yaghmaee

et al. 2015

Int J Communication

View full text Add to dashboard Cite

SUMMARYThe widespread use of Session Initiation Protocol as a signalling protocol has created various challenges. An important one is that its throughput can be severely degraded when an overload happens in the proxy server because of several retransmissions from the user agent. One common approach to overcome this problem is 'load balancing'. A balancer needs to know the status of proxy servers, which are continuously gathered implicitly or explicitly. Implicit methods have averagely less overhead than explicit ones. This paper attempts to prevent throughput reduction by balancing the loads among available proxy servers properly using an implicit mechanism called History Weighted Average Response time. The proposed algorithm is robust because it incurs no extra processing to proxy servers. The novelty of the mechanism is making use of 'response time history' to estimate the load being currently processed on servers. By implementing in a real testbed, throughput and scalability are improved compared with an important state-of-the-art similar algorithm. This improvement stems from no need for modification in SIP protocol, easy implementation and application, simple computations for making decision and no need for extra feedback between servers and load balancer.

show abstract

Section: Related Workmentioning

confidence: 99%

A load scheduler for SIP proxy servers: design, implementation and evaluation of a history weighted window approach

Montazerolghaem

Shekofteh

Yaghmaee

et al. 2015

Int J Communication

View full text Add to dashboard Cite

show abstract

“…Authenticated key exchange schemes are being widely used in various environments [1][2][3][4][5]. A number of twoparty [6][7][8][9][10][11][12][13][14][15][16][17] and three-party authenticated key agreements [18][19][20][21][22][23][24] are available. Roaming service is provided by ubiquitous networks to permit a mobile node (MN) to use the services extended by his or her home agent (HA) in a foreign agent (FA).…”

Section: Introductionmentioning

confidence: 99%

A lightweight anonymous authentication scheme for consumer roaming in ubiquitous networks with provable security

Farash

Chaudhry

Heydari

et al. 2015

Int J Communication

View full text Add to dashboard Cite

Ubiquitous networks provide roaming service for mobile nodes enabling them to use the services extended by their home networks in a foreign network. A mutual authentication scheme between the roamed mobile node and the foreign network is needed to be performed through the home network. Various authentication schemes have been developed for such networks, but most of them failed to achieve security in parallel to computational efficiency. Recently, Shin et al. and Wen et al. separately proposed two efficient authentication schemes for roaming service in ubiquitous networks. Both argued their schemes to satisfy all the security requirements for such systems. However, in this paper, we show that Shin et al.'s scheme is susceptible to: (i) user traceability; (ii) user impersonation; (iii) service provider impersonation attacks; and (iv) session key disclosure. Furthermore, we show that Wen et al.'s scheme is also insecure against: (i) session key disclosure; and (ii) known session key attacks. To conquer the security problems, we propose an improved authentication scheme with anonymity for consumer roaming in ubiquitous networks. The proposed scheme not only improved the security but also retained a lower computational cost as compared with existing schemes. We prove the security of proposed scheme in random oracle model. of 20Step 1: MN ! FA: M 1 D ¹M V 1 ; M V 2 ; M V 3 º MN inputs his identity ID MN and password P W MN . MN then computes h.ID M jjh.P W MN // and checks if the result and A MN stored in his mobile device are of 20 4 Mobile node chooses its identity ID MN , password P W MN , and a random number d . Further, MN computes f D h.ID MN kP W MN kd /. Finally, MN sends ID MN and f to the HA by using some secure channel. HA computes K MN D h.ID MN jjx/˚f using secret x. Further, HA pledges a counter ct r MN D 0 for MN and forms a record .ID MN ; ct r MN / in his database. HA then engraves the smart card (SC MN ) with K MN , ct r MN , h.:/, and n. HA issues the smart card (SC MN ) to MN. After obtaining the smart card (SC MN ), MN computes f D h.ID MN˚P W MN˚d / and writes f on SC MN . Finally, the SC MN contains ¹ct r MN ; K MN ; f ; n; d , h.:/º. Login and authentication phaseThe procedure for login and authentication is outlined in Figure 3; the same is illustrated as follows: (1) MN ! FA W M 1 . MN inserts his smart card (SC MN ) in the reader and enters his identity ID MN and password P W MN . SC MN computes f 0 D h.ID MN˚P W MN˚d / and then verifies whether f 0 D f or not. If f 0 ¤ f , the login phase terminates immediately. Otherwise, SC MN computes K MN D K MN˚h .ID MN kP W MN kd /. Then SC MN generates random n MN and computes ct r MN D ct r MN C 1 and V 1 D .ID MN jj K MN jjn MN jjct r MN jjID FA / 2 modn. Finally, MN sends the M 1 D .V 1 ; ct r MN ; ID HA / to FA.Figure 3. Wen et al.'s scheme [38]. Proposition 5 (Secure key establishment)The improved scheme provides secure key establishment. ProofAfter completion of the protocol, the MN, FA, and HA will establish a common session key SK FA D SK MN ...

show abstract

“…[]. Subsequently, a large number of smart card‐based authentication schemes are proposed [,]. The past research on authentication has ascertained that the development of a correct authentication scheme is exceptionally difficult [] as smart card is a very small device equipped with limited computation, memory, and power resources.…”

Section: Introductionmentioning

confidence: 99%

“…So authentication schemes [] based on symmetric key primitives (hash, message authentication code , exclusive or, symmetric encryption, etc.) look more desirable instead of schemes [] based on expensive asymmetric primitives (point multiplication, exponentiation, pairing, etc. ), but keeping in mind the sensitivity of tasks (e.g., financial and health care) carried out by such schemes, which are also having additional threats as compared with traditional threats, asymmetric cryptography looks more promising which can resist impersonation, password guessing, and replay attacks.…”

Section: Introductionmentioning

confidence: 99%

An enhanced privacy preserving remote user authentication scheme with provable security

Chaudhry

Farash

Naqvi

et al. 2015

Security Comm Networks

View full text Add to dashboard Cite

Very recently, Kumari et al. proposed a symmetric key and smart card‐based remote user password authentication scheme to enhance Chung et al.'s scheme. They claimed their enhanced scheme to provide anonymity while resisting all known attacks. In this paper, we analyze that Kumari et al.'s scheme is still vulnerable to anonymity violation attack as well as smart card stolen attack. Then we propose a supplemented scheme to overcome security weaknesses of Kumari et al.'s scheme. We have analyzed the security of the proposed scheme in random oracle model which confirms the robustness of the scheme against all known attacks. We have also verified the security of our scheme using automated tool ProVerif. Copyright © 2015 John Wiley & Sons, Ltd.

show abstract

An improved password‐based authentication scheme for session initiation protocol using smart cards without verification table

Cited by 39 publications

References 42 publications

A load scheduler for SIP proxy servers: design, implementation and evaluation of a history weighted window approach

A load scheduler for SIP proxy servers: design, implementation and evaluation of a history weighted window approach

A lightweight anonymous authentication scheme for consumer roaming in ubiquitous networks with provable security

An enhanced privacy preserving remote user authentication scheme with provable security

Contact Info

Product

Resources

About