An Enhanced Authentication Scheme with Privacy Preservation for Roaming Service in Global Mobility Networks

Global mobility network (GLOMONET) provides global roaming service to ensure ubiquitous connectivity for users traveling from one network to another. It is very crucial not only to authenticate roaming users, but to protect the privacy of users. However, due to the broadcast nature of wireless channel and resource limitations of terminals, providing efficient user authentication with privacy preservation is challenging. Recently, He et al. proposed a secure and lightweight user authentication scheme with anonymity for roaming service in GLOMONETs. However, in this paper, we identify that the scheme fails to achieve strong two-factor security, and suffers from domino effect, privileged insider attack and no password change option, etc. Then we propose an enhanced authentication scheme with privacy preservation based on quadratic residue assumption. Our improved scheme enhances security strength of He et al.’s protocol while inheriting its merits of low communication and computation cost. Specifically, our enhanced scheme achieves two-factor security and user untraceability.

[1]  N. Asokan,et al.  Untraceability in mobile networks , 1995, MobiCom '95.

[2]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[3]  Anish Mathuria,et al.  Key establishment protocols for secure mobile communications: a critical survey , 2000, Comput. Commun..

[4]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[5]  Jianfeng Ma,et al.  A new authentication scheme with anonymity for wireless environments , 2004, IEEE Trans. Consumer Electron..

[6]  Tzonelih Hwang,et al.  Private Authentication Techniques for the Global Mobility Network , 2005, Wirel. Pers. Commun..

[7]  Xuemin Shen,et al.  Mutual Authentication and Key Exchange Protocols for Roaming Services in Wireless Mobile Networks , 2006, IEEE Transactions on Wireless Communications.

[8]  Cheng-Chi Lee,et al.  Security Enhancement on a New Authentication Scheme With Anonymity for Wireless Environments , 2006, IEEE Transactions on Industrial Electronics.

[9]  Xiaotie Deng,et al.  Anonymous and Authenticated Key Exchange for Roaming Networks , 2007, IEEE Transactions on Wireless Communications.

[10]  Wei-Bin Lee,et al.  A Secure Authentication Scheme with Anonymity for Wireless Communications , 2008, IEEE Commun. Lett..

[11]  Xiaotie Deng,et al.  Two-factor mutual authentication based on smart cards and passwords , 2008, J. Comput. Syst. Sci..

[12]  Wen-Shenq Juang,et al.  Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards , 2008, IEEE Transactions on Industrial Electronics.

[13]  Dong Hoon Lee,et al.  Security flaw of authentication scheme with anonymity for wireless communications , 2009, IEEE Communications Letters.

[14]  Chin-Laung Lei,et al.  User authentication scheme with privacy-preservation for multi-server environment , 2009, IEEE Communications Letters.

[15]  Samir Kouro,et al.  Unidimensional Modulation Technique for Cascaded Multilevel Converters , 2009, IEEE Transactions on Industrial Electronics.

[16]  Chin-Chen Chang,et al.  Enhanced authentication scheme with anonymity for roaming service in global mobility networks , 2009, Comput. Commun..

[17]  Jongin Lim,et al.  Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks , 2009, IEEE Communications Letters.

[18]  Shuenn-Shyang Wang,et al.  A secure dynamic ID based remote user authentication scheme for multi-server environment , 2009, Comput. Stand. Interfaces.

[19]  Hung-Min Sun,et al.  Improvement of a novel mutual authentication scheme based on quadratic residues for RFID systems , 2008, 2009 Joint Conferences on Pervasive Computing (JCPC).

[20]  Chin-Laung Lei,et al.  A ROBUST AUTHENTICATION SCHEME WITH USER ANONYMITY FOR WIRELESS ENVIRONMENTS , 2009 .

[21]  Zhenfu Cao,et al.  On the anonymity of some authentication schemes for wireless communications , 2009, IEEE Commun. Lett..

[22]  Kenneth H. Rosen Elementary Number Theory: And Its Applications , 2010 .

[23]  Somayeh Salimi,et al.  Anonymous roaming in universal mobile telecommunication system mobile networks , 2010, IET Inf. Secur..

[24]  Chun Chen,et al.  Design and Validation of an Efficient Authentication Scheme with Anonymity for Roaming Service in Global Mobility Networks , 2011, Wirel. Pers. Commun..

[25]  Chun Chen,et al.  A strong user authentication scheme with smart cards for wireless communications , 2011, Comput. Commun..

[26]  Chin-Laung Lei,et al.  Robust authentication and key agreement scheme preserving the privacy of secret key , 2011, Comput. Commun..

[27]  Yuefei Zhu,et al.  Robust smart-cards-based user authentication scheme with user anonymity , 2012, Secur. Commun. Networks.