SIP Issues and Challenges – A Scalable Three Factor Authentication Scheme

The SIP (Session Initiation Protocol) is an application and presentation layer signaling protocol used for initiating, continuing and terminating multimedia session for the end user. It gains much attention of the researchers because it is exposed to several threats and noticed challenging vulnerabilities from time to time. Consequently, the security of SIP is a crucial task and many efforts have been made by different researchers and tried to divert the attention towards its solution. But still, no one claims with conviction about a foolproof secure mechanism for SIP. As users extensively use SIP services, the mutual authentication and key agreement among the participants is an important issue. So, robust authentication and key agreement scheme are mandatory for enhancing security, legitimacy and better complexities. Therefore, we present an improved three-factor authentication scheme that caters all the weakness and known attacks in Mishra et al. scheme. The proposed scheme not only guarantees for security but performance can also be made lightweight. As performance and security contradict each other, the change in one inversely affects the other. The proposed scheme has been analyzed both formally using BAN (Burrows-Abadi-Needham) logic and ProVerif1.93 software verification toolkit, and informally using assumptions which show a delicate balance of security with performance.