Secure SIP authentication scheme supporting lawful interception
Article first published online: 5 JUN 2012
Copyright © 2012 John Wiley & Sons, Ltd.
Security and Communication Networks
Volume 6, Issue 3, pages 340–350, March 2013
How to Cite
Pu, Q., Wang, J. and Wu, S. (2013), Secure SIP authentication scheme supporting lawful interception. Security Comm. Networks, 6: 340–350. doi: 10.1002/sec.568
- Issue published online: 25 FEB 2013
- Article first published online: 5 JUN 2012
- National Natural Science Foundation of China. Grant Numbers: 61101112, 91024131
- China Postdoctoral Science Foundation. Grant Number: 2011M500775
- elliptic curve;
- lawful interception
The session initiation protocol (SIP) is the most widely used signaling protocol for creating, modifying, and terminating multimedia sessions in an Internet Protocol-based telephony environment. Recently, Arshad et al. proposed an authentication scheme based on elliptic curve cryptosystems for SIP. In this paper, we first show that their scheme is vulnerable to the password-guessing attack. Thereafter, we propose a new authentication and key agreement scheme for SIP, which is immune to the presented attacks. Our scheme achieves provable security and, yet, is efficient. Moreover, we also provide an extended scheme capable of protecting media stream's privacy even against SIP servers while supporting lawful interception, which is inevitably required for protecting the national security or for detecting the criminal evidence. Copyright © 2012 John Wiley & Sons, Ltd.