An Improved Lightweight Privacy Preserving Authentication Scheme for SIP-Based-VoIP Using Smart Card

In the past few years, secure information sharing became very popular in the area of immigration, military applications, healthcare, education, foreign affairs, etc. As secure communication utilizes both wireless and wired communication mechanizations for exchanging sensitive information, security and privacy of the information exchange cannot be easily compromised. To moderate the security, integrity, authenticity, and privacy issues related to information exchange, numerous authentication mechanisms have been recommended by different researchers in the literature in recent times, but these are vulnerable to prospective security flaws such as masquerade, insider, replay, impersonation, password guessing, server spoofing, denial-of-service attacks and, in addition, have failed to deliver mutual authentication.

In the past few years we have also witnessed a balanced growth in the acceptance of VoIP (Voice over IP) facilities because the numerous Web and VoIP applications depend on huge and extremely distributed infrastructures to process requests from millions of users in an appropriate manner. Due to their extraordinary desires, these large-scale internet applications have frequently surrendered security for other objectives such as performance, scalability and availability. As a result, these applications have characteristically favored weaker, but well-organized security mechanisms in their foundations. Session Initiation Protocol (SIP) is an application and presentation layers signaling protocol that initiates, modifies, and terminates IP-based multimedia sessions. Implementing SIP for secure communication has been a topic of study for the past decade, and several proposals are available in the research domain. However, security aspects are not addressed in most of these proposals, because SIP is exposed to several threats and faces security issues at these layers. Probes for SIP (Session Initiation Protocol) servers have been conveyed for many years.

To gather more details about these activities the author has designed a scheme for SIP servers in a network and composed data about some popular attacks. Furthermore, he explains his interpretations and guidance on how to prevent these attacks from being successful. Biometrics, a new field of research, has also been dealt with in this research by means of a ¿three-factor authentication scheme¿, in which one factor is biometrics.