The Session Initiation Protocol (SIP) was proffered as the application layer's protocol by IETF (Internet Engineering Task Force) in 1999 and was built in RFC2543. SIP is the signaling protocol that controls communication on the Internet, establishing, maintaining and terminating the sessions. SIP is a client-server protocol. User authentication is the most important technique for SIP. When a user wants to use SIP, the user must be authenticated by the server. Recently, Tsai proposed an efficient nonce-based authentication scheme for SIP called T-SIP. T-SIP is based on the random nonce. All messages exchange is encrypted/decrypted by using one-way hash function and exclusive or operation.