A Secure and Effective Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks

详细信息    查看全文

• 作者：Dawei Zhao (1) (2) (3)
  Haipeng Peng (1) (2)
  Lixiang Li (1) (2)
  Yixian Yang (1) (2)
  
• 关键词：Authentication ; Key agreement ; Anonymity ; Roaming ; Global mobility networks
• 刊名：Wireless Personal Communications
• 出版年：2014
• 出版时间：September 2014
• 年：2014
• 卷：78
• 期：1
• 页码：247-269
• 全文大小：1,471 KB
• 参考文献：1. Suzukiz, S., & Nakada, K. (1997). An authentication technique based on distributed security management for the global mobility network. / IEEE Journal Selected Areas in Communications, / 15(8), 1608-617. CrossRef
  2. He, D., Ma, M., Zhang, Y., Chen, C., & Bu, J. (2011). A strong user authentication scheme with smart cards for wireless communications. / Computer Communications, / 34(3), 367-74. CrossRef
  3. Zhu, J., & Ma, J. (2004). A new authentication scheme with anonymity for wireless environments. / IEEE Transactions on Consumer Electronics, / 51(1), 230-34.
  4. Lee, C., Hwang, M., & Liao, I. (2006). Security enhancement on a new authentication scheme with anonymity for wireless environments. / IEEE Transactions on Industrial Electronics, / 53(5), 1683-686. CrossRef
  5. Chang, C., Lee, C., & Chiu, Y. (2009). Enhanced authentication scheme with anonymity for roaming service in global networks. / Computer Communications, / 32(4), 611-18. CrossRef
  6. Wu, C., Lee, W., & Tsaur, W. (2008). A secure authentication scheme with anonymity for wireless communications. / IEEE Communications Letters, / 12(10), 722-23. CrossRef
  7. Li, C., & Lee, C. (2012). A novel user authentication and privacy preserving scheme with smart cards for wireless communications. / Mathematical and Computer Modelling, / 55(1-), 35-4. CrossRef
  8. Mun, H., Han, K., Lee, Y., Yeun, C., & Choi, H. (2012). Enhanced secure anonymous authentication scheme for roaming service in global mobility networks. / Mathematical and Computer Modelling, / 55(1-), 214-22.
  9. He, D., Chan, S., Chen, C., Bu, J., & Fan, R. (2011). Design and validation of an efficient authentication scheme with anonymity for roaming service in global mobility networks. / Wireless Personal Communications, / 61(2), 465-76. CrossRef
  10. Das, A. (2013). A secure and effective user authentication and privacy preserving protocol with smart cards for wireless communications. / Networking Science, / 2(1-), 12-7. CrossRef
  11. Yoon, E., Yoo, K., & Ha, K. (2011). A user friendly authentication scheme with anonymity for wireless communications. / Computers & Electrical Engineering, / 37(3), 356-64. CrossRef
  12. Ou, H., Hwang, M., & Jan, J. (2010). A cocktail protocol with the authentication and key agreement on the UMTS. / Journal of Systems and Software, / 83(2), 316-25. CrossRef
  13. Yang, G., Huang, Q., Wong, D., & Deng, X. (2010). Universal authentication protocols for anonymous wireless communications. / IEEE Transactions on Wireless Communication, / 9(1), 168-74. CrossRef
  14. Lee, C., Chen, C., Ou, H., & Chen, L. (2013). Extension of an efficient 3GPP authentication and key agreement protocol. / Wireless Personal Communications, / 68(3), 861-72. CrossRef
  15. Juang, W., Chen, S., & Liaw, H. (2008). Robust and efficient password-authenticated key agreement using smart cards. / IEEE Transactions on Industrial Electronics, / 55(6), 2551-556. CrossRef
  16. Yang, G., Wong, D., & Deng, X. (2007). Anonymous and authenticated key exchange for roaming networks. / IEEE Transactions on Wireless Communications, / 6(9), 1035-042.
  17. Wen, F., Susilo, W., & Yang, G. (2013). Asecure and effective anonymous user authentication scheme for roaming service in global mobility networks. / Wireless Personal Communications, / 73(3), 993-004. CrossRef
  18. He, D., Zhang, Y., & Chen, J. (2014). Cryptanalysis and improvement of an anonymous authentication protocol for wireless access networks. / Wireless Personal Communications, / 74(2), 229-43. CrossRef
  19. Kim, J., & Kwak, J. (2012). Improved secure anonymous authentication scheme for roaming service in global mobility networks. / International Journal of Security and Its Applications, / 6(3), 45-4.
  20. Chang, C., Le, H., & Chang, C. (2013). Novel untraceable authenticated key agreement protocol suitable for mobile communication. / Wireless Personal Communications, / 71(1), 425-37. CrossRef
  21. Jiang, Q., Ma, J., Li, G., & Yang, L. (2013). An enhanced authentication scheme with privacy preservation for roaming service in global mobility networks. / Wireless Personal Communications, / 68(4), 1477-491. CrossRef
  22. Xie, Q., Hu, B., Tan, X., Bao, M., & Yu, X. (2014). Robust anonymous two-factor authentication scheme for roaming service in global mobility network. / Wireless Personal Communications, / 74(2), 601-14. CrossRef
  23. Xu, J., & Zhu, W. T. (2013). A generic framework for anonymous authentication in mobile networks. / Journal of Computer Science and Technology, / 28(4), 732-42. CrossRef
  24. Kim, J. S., & Kwak, J. (2013). Secure and efficient anonymous authentication scheme in global mobility networks. / Journal of Applied Mathematics, Volume 2013, Article ID 302582.
  25. Hankerson, D., Menezes, A., & Vanstone, S. (2004). / Guide to elliptic curve cryptography. New York: Springer.
  26. Koblitz, N. (1987). Elliptic curve cryptosystem. / Journal of Mathematics of Computation, / 48(177), 203-09. CrossRef
  27. Miller, V. S. (1985). Use of elliptic curves in cryptography. / Proceeding on Advances in Cryptology-CRYPTO-85 (pp. 417-26). New York: Springer.
  28. Burrows, M., Abadi, M., & Needham, R. (1990). Alogic of authentication. / ACM Transaction on Computer System, / 8(1), 18-6. CrossRef
  29. Zhao, D., Peng, H., Wang, C., & Yang, Y. (2012). A secret sharing scheme with a short share realizing the (t, n) threshold and the adversary structure. / Computers & Mathematics with Applications, / 64(4), 611-15. CrossRef
  30. Yoo, S., Lee, H., & Kim, J. (2013). A performance and usability aware secure two-factor user authentication scheme for wireless sensor networks. / International Journal of Distributed Sensor Networks Volume 2013, Article ID 543950.
  
• 作者单位：Dawei Zhao (1) (2) (3)
  Haipeng Peng (1) (2)
  Lixiang Li (1) (2)
  Yixian Yang (1) (2)
  
  1. Information Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, 100876, China
  2. National Engineering Laboratory for Disaster Backup and Recovery, Beijing University of Posts and Telecommunications, Beijing, 100876, China
  3. Shandong Provincial Key Laboratory of Computer Network, Shandong Computer Science Center, Jinan, 250014, China
  
• ISSN：1572-834X

文摘

Recently, Mun et al. analyzed Wu et al.’s authentication scheme and proposed an enhanced anonymous authentication scheme for roaming service in global mobility networks. However, through careful analysis, we find that Mun et al.’s scheme is vulnerable to impersonation attacks and insider attacks, and cannot provide user friendliness, user’s anonymity, proper mutual authentication and local verification. To remedy these weaknesses, we propose a novel anonymous authentication scheme for roaming service in global mobility networks. Compared with previous related works, our scheme has many advantages. Firstly, the secure authenticity of the scheme is formally validated by an useful formal model called BAN logic. Secondly, the scheme enjoys many important security attributes including prevention of various attacks, user anonymity, no verification table, local password verification and so on. Thirdly, the scheme does not use timestamp, thus it avoids the clock synchronization problem. Further, the scheme contains the authentication and establishment of session key scheme when mobile user is located in his/her home network, therefore it is more practical and universal for global mobility networks. Finally, performance and cost analysis show our scheme is more suitable for low-power and resource limited mobile devices and thus availability for real implementation.