An Efficient Ticket Based Authentication Protocol with Unlinkability for Wireless Access Networks

The concept of anonymous channel ticket is one of the effective measures to protect user privacy and to reduce the overhead of re-authentication for wireless environments. Most recently, Hsieh et al. proposed an anonymous authentication protocol based on elliptic curve cryptography to enhance the efficiency and security strength. However, we identify that Hsieh et al.’s scheme has four weaknesses. (1) The scheme fails to provide identity anonymity. (2) The ticket authentication phase of the scheme suffers from desynchronization attack. (3) The scheme is vulnerable to the privileged insider attack. (4) Users cannot change passwords when required. We further propose an improved authentication scheme, which not only preserves the merits of the scheme of Hsieh et al., but also enjoys several other advantages. Our improved scheme is effective in protection from the weaknesses identified and achieves user anonymity and unlinkability. We compare the functionality and performance of our improved scheme with other related schemes, which indicates that our scheme is more secure and yet efficient for wireless access networks.

[1]  Yen-Cheng Chen,et al.  A practical authentication protocol with anonymity for wireless access networks , 2011, Wirel. Commun. Mob. Comput..

[2]  Jianfeng Ma,et al.  A new authentication scheme with anonymity for wireless environments , 2004, IEEE Trans. Consumer Electron..

[3]  Jinn-ke Jan,et al.  A wireless-based authentication and anonymous channels for large scale area , 2001, Proceedings. Sixth IEEE Symposium on Computers and Communications.

[4]  Yuefei Zhu,et al.  A novel lightweight authentication scheme with anonymity for roaming service in global mobility networks , 2011, Int. J. Netw. Manag..

[5]  Jenq-Shiou Leu,et al.  Anonymous authentication protocol based on elliptic curve Diffie-Hellman for wireless access networks , 2014, Wirel. Commun. Mob. Comput..

[6]  Xiaotie Deng,et al.  Anonymous and Authenticated Key Exchange for Roaming Networks , 2007, IEEE Transactions on Wireless Communications.

[7]  Xiong Li,et al.  A novel user authentication scheme with anonymity for wireless communications , 2014, Secur. Commun. Networks.

[8]  Wei-Bin Lee,et al.  A Secure Authentication Scheme with Anonymity for Wireless Communications , 2008, IEEE Commun. Lett..

[9]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[10]  Chun Chen,et al.  Lightweight and provably secure user authentication with anonymity for the global mobility network , 2011, Int. J. Commun. Syst..

[11]  Debiao He,et al.  An efficient remote user authentication and key agreement protocol for mobile client-server environment from pairings , 2012, Ad Hoc Networks.

[12]  Jongin Lim,et al.  Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks , 2009, IEEE Communications Letters.

[13]  Qiong Pu,et al.  An Enhanced Authentication Scheme with Anonymity for Roaming Service in Global Mobility Networks , 2010, 2010 Second International Conference on Multimedia and Information Technology.

[14]  Cheng-Chi Lee,et al.  Mobile device integration of a fingerprint biometric remote authentication scheme , 2012, Int. J. Commun. Syst..

[15]  Hu Jin,et al.  An ID-based client authentication with key agreement protocol for mobile client-server environment on ECC with provable security , 2012 .

[16]  Chun Chen,et al.  Design and Validation of an Efficient Authentication Scheme with Anonymity for Roaming Service in Global Mobility Networks , 2011, Wirel. Pers. Commun..

[17]  Hung-Wen Yang,et al.  A secure and efficient authentication protocol for anonymous channel in wireless communications , 2005, Appl. Math. Comput..

[18]  Xuemin Shen,et al.  Mutual Authentication and Key Exchange Protocols for Roaming Services in Wireless Mobile Networks , 2006, IEEE Transactions on Wireless Communications.

[19]  Chun Chen,et al.  A strong user authentication scheme with smart cards for wireless communications , 2011, Comput. Commun..

[20]  Cheng-Chi Lee,et al.  A novel user authentication and privacy preserving scheme with smart cards for wireless communications , 2012, Math. Comput. Model..

[21]  Chunguang Ma,et al.  Security flaws in two improved remote user authentication schemes using smart cards , 2014, Int. J. Commun. Syst..

[22]  Anish Mathuria,et al.  Key establishment protocols for secure mobile communications: a critical survey , 2000, Comput. Commun..

[23]  Chin-Chen Chang,et al.  Enhanced authentication scheme with anonymity for roaming service in global mobility networks , 2009, Comput. Commun..

[24]  Cheng-Chi Lee,et al.  Security Enhancement on a New Authentication Scheme With Anonymity for Wireless Environments , 2006, IEEE Transactions on Industrial Electronics.

[25]  Eun-Jun Yoon,et al.  A user friendly authentication scheme with anonymity for wireless communications , 2011, Comput. Electr. Eng..

[26]  Dong Hoon Lee,et al.  Security flaw of authentication scheme with anonymity for wireless communications , 2009, IEEE Communications Letters.

[27]  Zhenfu Cao,et al.  On the anonymity of some authentication schemes for wireless communications , 2009, IEEE Commun. Lett..

[28]  Jing Xu,et al.  Provable secure authentication protocol with anonymity for roaming service in global mobility networks , 2011, Comput. Networks.

[29]  N. Asokan,et al.  Untraceability in mobile networks , 1995, MobiCom '95.

[30]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[31]  Cheng-Chi Lee,et al.  Cryptanalysis of a secure and efficient authentication protocol for anonymous channel in wireless communications , 2012, Secur. Commun. Networks.

[32]  Dengguo Feng,et al.  An efficient mutual authentication and key agreement protocol preserving user anonymity in mobile networks , 2011, Comput. Commun..

[33]  Ana M. Barbancho,et al.  Cryptanalysis of anonymous channel protocol for large-scale area in wireless communications , 2003, Comput. Networks.

[34]  Jianfeng Ma,et al.  An Enhanced Authentication Scheme with Privacy Preservation for Roaming Service in Global Mobility Networks , 2012, Wireless Personal Communications.