Security analysis and enhancements of an improved authentication for session initiation protocol with provable security |
| |
Authors: | Mohammad Sabzinejad Farash |
| |
Affiliation: | 1. Faculty of Mathematical Sciences and Computer, Kharazmi University, Tehran, Iran
|
| |
Abstract: | Very recently, Tu et al. proposed an authentication scheme for session initiation protocol using smart card to overcome the security flaws of Zhang et al.’s protocol. They claimed that their protocol is secure against known security attacks. However, in this paper, we indicate that Tu et al.’s protocol is insecure against impersonation attack. We show that an adversary can easily masquerade as a legal server to fool users. As a remedy, we also improve Tu et al.’s protocol without imposing extra computation cost. To show the security of our protocol, we prove its security in the random oracle model. |
| |
Keywords: | |
本文献已被 SpringerLink 等数据库收录! |
|