Journal of Digital Information Management Cheng-Chi Lee, Chu-Chi Yang, Shiow-Yuan Huang 7 3 2009 http://www.dirf.org/jdim/v7n3a1.asp The Session Initiation Protocol (SIP) is a signaling protocol that controls communication sessions such as conferencing, telephony, and instant messaging in the Internet community (RFC2543). Before a user gets to use an SIP service provided by a server, an authendication process must be finished. However, there are some security problems with SIP authentication yet to be solved, such as server spoofing, off-line password gussing attacks, and the use of the password table. In this article, we shall propose a new authentication scheme for SIP that does not need the password table.