A new provably secure authentication and key agreement protocol for SIP using ECC

SIP has been chosen as the protocol for multimedia application in 3G mobile networks. The authentication mechanism proposed in SIP specification is HTTP digest based authentication, which allows malicious parties to impersonate other parties or to charge calls to others, furthermore, other security problems, such as off-line password guessing attacks and server spoofing, are also needed to be solved. This paper proposes a new authenticated key exchange protocol NAKE, which can solve the existing problems in the original proposal. The NAKE protocol is probably secure in CK security model, thus it inherits the corresponding security attributes in CK security model.