In 2008, Tsai proposed an efficient nonce-based authentication scheme for Session Initiation Protocol (SIP). The current paper, however,demonstrates that Tsai's authentication scheme is still vulnerable to off-line password guessing attacks, Denning-Sacco attack and stolen-verifier attacks, and does not provide perfect forward secrecy. We also propose a new secure and efficient authentication scheme based on the elliptic curve discrete logarithm problem (ECDLP) for SIP in order to overcome such security problems.