ارائه پروتکلی جامع و سبک وزن برای احرازهویت دو طرفه دستگاه‌های VoIP مبتنی بر کارت هوشمند

نیکوقدم, مهدی; امین طوسی, هاله

ارائه پروتکلی جامع و سبک وزن برای احرازهویت دو طرفه دستگاه‌های VoIP مبتنی بر کارت هوشمند

نوع مقاله : مقاله پژوهشی

نویسندگان

دانشگاه فردوسی مشهد

چکیده

همزمان با فراگیری استفاده از فناوری صوت بر روی IP (VoIP)برای انتقال داده‌های چند رسانه‌ای نظیر صوت و تصویر، پروتکل برقراری نشست(SIP)، در مرکز توجه بسیاری از تحقیقات قرار گرفته است. برای برقراری یک کانال ارتباطی امن بین دو طرف ارتباط با استفاده از SIP ، احرازهویت طرفین از اهمیت بالایی برخوردار است. در سال‌های اخیر، پژوهش‌های زیادی در زمینه پروتکل‌های احرازهویت انجام شده است که از جمله می‌توان طرحی سبک وزن برای احراز‌هویت درVoIP را که توسط ژنگ و همکاران ارائه شده نام برد. در این مقاله ابتدا اثبات خواهیم کرد طرح ژنگ در برابر حملات افشای پارامتر‌های تصادفی و منع‌ سرویس مقام نیست و نیاز امنیتی محرمانگی رو به جلو را تامین نمی‌کند. در ادامه، پروتکلی سبک وزن وکارآمد ارائه کرده‌ایم و نشان‌ داده‌ایم که پروتکل پیشنهادی در مقابل حملات مختلف مقاوم است و قادر به تامین نیازمندی‌های امنیتی اساسی همانند محرمانگی روبه جلو و گمنامی کاربر می باشد. همچنین عملکرد پروتکل پیشنهادی را به لحاظ پیچیدگی محاسباتی مورد بررسی قرار داده و نشان داده ایم که روش پیشنهادی در مقایسه با اغلب روشهای مشابه، دارای پیچیدگی محاسباتی کمتری می‌باشد. در نهایت، صحت پروتکل پیشنهادی را با ابزارهای رسمی Scyther و Proverif اثبات نموده‌ایم.

کلیدواژه‌ها

موضوعات

Authentication inc. smartcards

عنوان مقاله [English]

A Secure Lightweight Mutual Authentication Scheme for VoIP based on Smart Card

نویسندگان [English]

Mahdi Nikooghadam
Haleh Amintoosi

ferdowsi University of Mashhad

چکیده [English]

With the widespread use of Voice over IP (VoIP) technology to transmit multimedia such as voice and video, Session Initiation Protocol (SIP) has been the focus of many research. To establish a secure communication channel between the two parties using SIP, authentication of the parties is of the utmost importance. Many research has been done on authentication protocols in recent years, including the lightweight VoIP authentication scheme presented by Zhang et al. In this article, we first prove that Zhang's authentication scheme is not robust against known-session-specific temporary information attack and does not meet the security requirement of perfect forward secrecy. In addition, we present a lightweight and efficient authentication protocol and show that the proposed protocol is resistant to various attacks and is capable of meeting essential security requirements such as perfect forward secrecy and user anonymity. We have also examined the performance of the proposed protocol in terms of computational complexity and have shown that the proposed method has less computational complexity compared to most similar methods. Finally, we prove the correctness of the proposed protocol with Scyther and Proverif tools.

کلیدواژه‌ها [English]

Authentication
VoIP
SIP
Scyther
Provreif

مراجع

[1] Franks J, Hallam-Baker P, Hostetler J, Lawrence S, Leach P, Luotonen A, Stewart L Http

authentication: Basic and digest access authentication. In: IETF RFC2617, 1999.

[2] Yeh H., Chen T., Shih W., Robust smart card secured authentication scheme on SIP using Elliptic Curve Cryptography. Computer Standards & Interfaces; 2014, vol. 36, no.2, pp: 397-402.

[3] Zhang L, Tang S, Zhu S, An energy e_cient authenticated key agreement protocol for SIP-based green VoIP networks, J Netw Comput Appl, 2016, vol. 59, pp. 126-133.

[4] Chaudhry SA, Naqvi H, Sher M, Farash MS, Hassan MU. An improved and provably secure privacy preserving authentication protocol for sip. Peer-to-Peer Networking and Applications, 2017, vol. 10, no. 1, pp. 1-15.

[5] Sourav S., Odelu V., Prasath R., Enhanced Session Initiation Protocols for Emergency Healthcare Applications. In: Thampi S., Madria S., Wang G., Rawat D., Alcaraz Calero J. (eds) Security in Computing and Communications (SSCC), Communications in Computer and Information Science, 2018, vol 969, pp 278-289.

[6] Arshad H, Nikooghadam M. An efficient and secure authentication and key agreement scheme for session initiation protocol using ECC. Multimedia Tools and Applications 2016, vol. 75, no.1, pp.181-197.

[7] H. Arshad and M. Nikooghadam, ‘‘Security analysis and improvement of two authentication and key agreement schemes for session initiation protocol,’’ J. Supercomput., 2015, vol. 71, no. 8, pp. 3163–3180. [8] Dhillon, P.K.; Kalra, S. Secure and efficient ECC based SIP authentication scheme for VoIP communications in internet of things. Multimed.ToolsAppl.2019, vo. 78, no. 16, pp.22199-22222. [9] Zhang Y, Xie K, Ruan O An improved and efficient mutual authentication scheme for session initiation protocol. PLoS ONE, , 2019, vol.14, vo.3.

[10] Ravanbakhsh, N., Mohammadi, M. Nikooghadam, Perfect forward secrecy in VoIP networks through design a lightweight and secure authenticated communication scheme, M. Multimed Tools Appl, 2019, vol. 78, no. 9, pp. 11129-11153.

[11] Amin R, Islam S, Biswas G, Giri D, Khan MK, Kumar N. A more secure and privacy-aware anonymous user authentication scheme for distributed mobile cloud computing environments. Secur Commun Netw. 2016, vol. 9, no.17, pp.4650-4666.

[12] A. Ostad-Sharif, D. Abbasinezhad-Mood, and M. Nikooghadam, ‘‘A robust and efficient ECC-based mutual authentication and session key generation scheme for healthcare applications,’’ J. Med. Syst., 2019, vol. 43, p. 10.

[13] Ostad-Sharif, A, Abbasinezhad-Mood, D, Nikooghadam, M. An enhanced anonymous and unlinkable user authentication and key agreement protocol for TMIS by utilization of ECC. Int J Commun Syst. 2019, vol. 32, no. 5.

[14] Cremers, C, Scyther - Semantics and Verification of Security Protocols. Ph.D. dissertation, Eindhoven University of Technology, 2006.

[15] Blanchet B, Cheval V, Allamigeon X, Smyth B. ProVerif: Cryptographic protocol verifier in theformalmodel.(Availableat:http://prosecco.gforge.inria.fr/personal/bblanche/proverif/).

[16] A.Durlanik, I. Sogukpinar. SIP authentication scheme using ECDH. World Enformatika Society Transaction on Engineering Computing and Technology, 2005, vol. 8, pp.350-353.

[17] EJ Yoon, KY Yoo, et al..A secure and efficient SIP authentication scheme for converged VoIP networks. Computer Communications, 2010, vol. 33, pp.1674-1681.

[18] Zhang L., Tang S., Cai Z.. Efficient and flexible password authenticated key agreement for Voice over Internet Protocol Session Initiation Protocol using smart card. International Journal of Communication Systems 2014. [19] Farash MS. Security analysis and enhancements of an improved authentication for session initiation protocol with provable security. Peer-to-Peer Networking and Applications. 2016, vol. 9, no. 1, pp: 82–91. [20] Kumari S, Chaudhry S, Wu F, Li X, Farash M, Khan M. An improved smart card based authentication scheme for session initiation protocol. Peer-to-Peer Networking and Applications. 2015, vol. 10. no. 1, pp. 92-105.

[21]Zhang L, Tang S, Cai Z. Cryptanalysis and improvement of password-authenticated key

agreement for session initiation protocol using smart cards. Security and Communication

Networks. , 2014, vol. 7, no. 12, pp.2405-2411.

[22] Jiang Q, Ma J, Tian Y, Cryptanalysis of smart-card-based password authenticated key

agreement protocol for session initiation protocol of Zhang et al. Int J Commun Syst, 2015, vol.28, no. 7, pp:1340-1351.

[23]Tu, H., Kumar, N., Chilamkurti, N., Rho, S., An improved authentication protocol for session initiation protocol using smart card. Peer-to-Peer Networking and Applications, 2015, vol. 8, no. 5, pp. 903-910.

[24]Farash MS. Security analysis and enhancements of an improved authentication for ses sion initiation protocol with provable security. Peer-to-Peer Networking and Applications , 2016, vo. 9, no. 1, pp: 82 - 91 , .

[25]Chaudhry SA, Naqvi H, Sher M, Farash MS, Hassan MU. An improved and provably secure privacy preserving authentication protocol for sip. Peer-to-Peer Networking and Applications, 2017, vol. 10, no. 1, pp. 1 - 15.

[26]Mishra D, Das AK, Mukhopadhyay S, A secure and ecient ECC-based user anonymity preserving session initiation authentication protocol using smart card. Peer-to-peer Netw Appl, 2016, vol. 9, no. 1, pp. 171,192.

[27]Farash MS, Attari MA. An anonymous and untraceable password-based authentication scheme for session initiation protocol using smart cards. International Journal of Communication Systems, 2016, vol. 29. no. 13, pp. 1956-1967.

[28]Lu Y, Li L, Peng H, Yang Y, An anonymous two-factor authenticated key agreement

scheme for session initiation protocol using elliptic curve cryptography. Multimedia Tools

and Applications, 2017, vol. 76, no. 2, pp. 1801-1815.

[29]Lu Y, Li L, Peng H, Yang Y, A secure and efficient mutual authentication scheme for session initiation protocol. Peer-to-Peer Netw Appl, 2016, vol. 9, no. 2, pp. 449-459.

[30]V. Sureshkumar, R. Amin, and R. Anitha, A robust mutual authentication scheme for session initiation protocol with key establishment, Peer-toPeer Netw. Appl. , 2018, vol. 11, no. 5, pp. 900-91.

[31]Zhang L, Tang S, Zhu S, An energy efficient authenticated key agreement protocol for SIP-based

green VoIP networks. J Netw Comput Appl, 2016, vol.59, pp.126–133.

[32]Qiu S, Xu G, Ahmad H. An enhanced password authentication scheme for session initiation protocol with perfect forward secrecy. PLOS ONE, 2018, vol. 13, no, 3.

[33]M. Nikooghadam, R. Jahantigh, and H. Arshad, ‘‘A lightweight authentication and key agreement protocol preserving user anonymity,’’ Multimedia Tools Appl., 2017, vol.76, no.11, pp. 13401–13423.

[34]Xu, L., Wu, F., Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care. Journal of medical systems, 2015, vol. 39, no. 10.

[35]Amin, R., Islam, S. H., Biswas, G. P., Khan, M. K., Obaidat, M. S., Design and analysis of an enhanced patient-server mutual authentication protocol for telecare medical information system. Journal of medical systems, 2015, vol. 39, no.11, pp. 137.

[36]Xu L,Wu F Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care. J Med Syst, 2015, vol. 39, no. 2, pp:1–9. [37]Kumari S, Karuppiah M, Das AK, Li X, Wu F, Gupta V. Design of a secure anonymity preserving authentication scheme for session initiation protocol using elliptic curve cryptography. J Ambient Intell Human Comput,, 2018, vol. 9, no.3, pp 643–653.