Authors : Younsung Choi
Abstract: In order to solve the limitations of the password-based authentication scheme, various two-factor authentication schemes for session initiation protocol is studied and regards it as good solution. In 2015, Lu proposed secure two-factor authenticated key agreement which provide the anonymity and key agreement for session initiation protocol using elliptic curve cryptography. However, Reddy point out the vulnerability the Lu scheme and proposed an enhanced anonymous two-factor mutual authentication with key-agreement scheme for session initiation protocol in 2016 but there are various security problem yet. So, this study analyzes all phases of Reddy authentication scheme and then shows that their scheme is still vulnerable on off-line password (and identity) guessing attack a DoS attack, wrong password change phase and session key disclosure attack.
Younsung Choi , 2017. Cryptanalysis on Anonymous Two Factor Mutual Authentication with Key Agreement Scheme For Session Initiation Protocol. Research Journal of Applied Sciences, 12: 352-357.