TY - GEN
T1 - Off-line password-guessing attack to Yang's and Huang's authentication schemes for session initiation protocol
AU - Heasuk, Jo
AU - Yunho, Lee
AU - Mijin, Kim
AU - Seungjoo, Kim
AU - Dongho, Won
PY - 2009
Y1 - 2009
N2 - The Session Initiation Protocol(SIP) is an application-layer control protocol for creating, modifying, and terminating sessions with one or more participants in the IPbased telephony environment. Yang et al. and Huang et al. proposed a secure authentication scheme for session initiation protocol. Yang's scheme is based on Deffi-Hellman key agreement scheme and a combination of hash functions. In 2006, Huang et al. pointed out that Yang's scheme is insecure, and proposed an improved authentication scheme for SIP. In this paper, the secure of Yang's and Huang's scheme is analyzed. It is demonstrated that both schemes still have some weaknesses: it cannot withstand against the off-line passwordguessing attack. Based on our analysis, we found the security problem with these schemes and, in addition, shows how to fix it.
AB - The Session Initiation Protocol(SIP) is an application-layer control protocol for creating, modifying, and terminating sessions with one or more participants in the IPbased telephony environment. Yang et al. and Huang et al. proposed a secure authentication scheme for session initiation protocol. Yang's scheme is based on Deffi-Hellman key agreement scheme and a combination of hash functions. In 2006, Huang et al. pointed out that Yang's scheme is insecure, and proposed an improved authentication scheme for SIP. In this paper, the secure of Yang's and Huang's scheme is analyzed. It is demonstrated that both schemes still have some weaknesses: it cannot withstand against the off-line passwordguessing attack. Based on our analysis, we found the security problem with these schemes and, in addition, shows how to fix it.
KW - Authentication
KW - Key agreement
KW - Security
KW - Session initiation protocol
UR - http://www.scopus.com/inward/record.url?scp=73549097525&partnerID=8YFLogxK
U2 - 10.1109/NCM.2009.251
DO - 10.1109/NCM.2009.251
M3 - Conference contribution
AN - SCOPUS:73549097525
SN - 9780769537696
T3 - NCM 2009 - 5th International Joint Conference on INC, IMS, and IDC
SP - 618
EP - 621
BT - NCM 2009 - 5th International Joint Conference on INC, IMS, and IDC
T2 - NCM 2009 - 5th International Joint Conference on Int. Conf. on Networked Computing, Int. Conf. on Advanced Information Management and Service, and Int. Conf. on Digital Content, Multimedia Technology and its Applications
Y2 - 25 August 2009 through 27 August 2009
ER -