In 2014, Arshad and Nikooghadam proposed an authentication and key agreement scheme for SIP to conquer the existing defects in Irshad et al.'s scheme. They claimed that their scheme resists various security attacks and has low computation cost. We found that even though Arshad et al.'s scheme achieves high efficiency, their scheme is insecure against server spoofing attacks, denial of service attacks and privilege insider attacks. Furthermore, the password change phase of their scheme is complicated and their scheme cannot provide user anonymity. To overcome the weaknesses of Arshad et al.'s scheme, we proposed an anonymous and secure authentication and key agreement protocol for SIP. Compared with Arshad et al.'s scheme, our scheme not only withstands more security attacks, but also achieves user anonymity and high efficiency.

• 出版日期2017-1
• 单位济南大学