An Authentication and Key Agreement Mechanism for Multi-domain Wireless Networks Using Certificateless Public-Key Cryptography

With rapid growth of mobile wireless networks, handheld devices are popularly used by people and many mobile applications have been rapidly developed. Mutual authentication and key agreement are very important security mechanisms in wireless network systems for preventing unauthorized network access, server impersonation attack and malicious attacks of the subsequent session message. Considering the limited computing capability of smart cards or mobile devices, the security scheme design suitable for these mobile devices is a nontrivial challenge. This paper presents an authentication and key agreement mechanism for multi-domain wireless networks using certificateless public key cryptography. Based on the computational Diffie–Hellman assumption and the random oracle model, we show that the proposed scheme is secure against an uncertified user and a malicious registration server simultaneously. As compared with the recently proposed schemes, our scheme enjoys less computational cost on the basis of BLS short signature scheme and has higher security level by exploiting the certificateless public key cryptography system. Moreover, our scheme can be used to mutual authentication and key agreement between members of distinct domains where all the servers use different system parameters. Efficiency analysis of related the security and computation overheads are given to demonstrate that our scheme is well suited for mobile devices with limited computing capability.

[1]  Atul Negi,et al.  Cryptanalysis of recently proposed Remote User Authentication Schemes , 2006, IACR Cryptol. ePrint Arch..

[2]  Wei-Chi Ku,et al.  Impersonation Attack on a Dynamic ID-Based Remote User Authentication Scheme Using Smart Cards , 2005, IEICE Trans. Commun..

[3]  Hong Zhao,et al.  An Enhanced Authentication and Key Agreement Mechanism for SIP Using Certificateless Public-key Cryptography , 2008, 2008 The 9th International Conference for Young Computer Scientists.

[4]  Yuh-Min Tseng,et al.  A mutual authentication and key exchange scheme from bilinear pairings for low power computing devices , 2007, 31st Annual International Computer Software and Applications Conference (COMPSAC 2007).

[5]  Qiaoyan Wen,et al.  Efficient and provably-secure certificateless short signature scheme from bilinear pairings , 2009, Comput. Stand. Interfaces.

[6]  Xinyi Huang,et al.  Efficient and Short Certificateless Signature , 2008, CANS.

[7]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[8]  Ming Luo,et al.  An Authentication and Key Agreement Mechanism for Multi-Domain Wireless Networks using Bilinear Pairings , 2012 .

[9]  Luminita Vasiu,et al.  On The Indistinguishability-Based Security Model of Key Agreement Protocols-Simple Cases , 2005, IACR Cryptol. ePrint Arch..

[10]  Kee-Young Yoo,et al.  A Certificateless Authenticated Group Key Agreement Protocol Providing Forward Secrecy , 2008, 2008 International Symposium on Ubiquitous Multimedia Computing.

[11]  Dong Hoon Lee,et al.  Efficient Certificateless Signature Schemes , 2007, ACNS.

[12]  Kristin E. Lauter,et al.  Security Analysis of KEA Authenticated Key Exchange Protocol , 2006, IACR Cryptol. ePrint Arch..

[13]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[14]  Shaohui Wang,et al.  A Certificateless Signature and Group Signature Schemes against Malicious PKG , 2008, 22nd International Conference on Advanced Information Networking and Applications (aina 2008).

[15]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[16]  Duncan S. Wong,et al.  Certificateless Public-Key Signature: Security Model and Efficient Construction , 2006, ACNS.

[17]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[18]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[19]  Debasis Giri,et al.  An Improved Remote User Authentication Scheme with Smart Cards using Bilinear Pairings , 2007, IACR Cryptol. ePrint Arch..

[20]  Xue Liu,et al.  A Certificateless Signature Scheme for Mobile Wireless Cyber-Physical Systems , 2008, 2008 The 28th International Conference on Distributed Computing Systems Workshops.

[21]  Rui Zhang,et al.  An efficient and provably‐secure certificateless signature scheme without bilinear pairings , 2012, Int. J. Commun. Syst..

[22]  Jiann-Fu Lin,et al.  An efficient and complete remote user authentication scheme using smart cards , 2006, Math. Comput. Model..

[23]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[24]  Alfred Menezes,et al.  Key Agreement Protocols and Their Security Analysis , 1997, IMACC.

[25]  Sunder Lal,et al.  An Improved Remote User Authentication Scheme using Bilinear Pairings , 2007, IACR Cryptol. ePrint Arch..

[26]  Yuh-Min Tseng,et al.  A Pairing-Based User Authentication Scheme for Wireless Clients with Smart Cards , 2008, Informatica.

[27]  Ashutosh Saxena,et al.  A novel remote user authentication scheme using bilinear pairings , 2006, Comput. Secur..

[28]  Craig Gentry,et al.  Certificate-Based Encryption and the Certificate Revocation Problem , 2003, EUROCRYPT.

[29]  Chik How Tan,et al.  Certificateless Authenticated Two-Party Key Agreement Protocols , 2006, ASIAN.