A Novel Mobile Communications Authentication Scheme with Roaming Service and User Anonymity

Many novel, effective, and efficient applications and networking services are being developed for the Social Internet of Things. Recently, Li proposed a more secure and efficient authentication scheme with roaming service and user anonymity for mobile communications. The security analysis and discussion of the agreement phase is sufficiently safe; however, an attacker can intercept the identity of a mobile user’s home agent in the authentication phase. By using this information, the attacker can mount distributed denial-of-service attacks in the roaming phase through replay attacks targeting the network’s foreign agent and mobile user’s home agent by using their corresponding session keys. Li’s method also has some shortcomings regarding anonymity that we aim to address. To overcome these issues, this study proposes an elliptic curve–based wireless roaming anonymous login method for the authentication phase. The problems faced in the roaming phase are resolved, and this approach provides balanced session key computation between senders and receivers. Burrows-Abadi-Needham logic (BAN-logic) is used to verify the security of the proposed scheme. The proposed scheme affords good security, efficiency, and integrity and maintains anonymity.

[1]  Hitesh Tewari,et al.  Performance analysis of cryptographic protocols on handheld devices , 2004, Third IEEE International Symposium on Network Computing and Applications, 2004. (NCA 2004). Proceedings..

[2]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[3]  Qi Xie A new authenticated key agreement for session initiation protocol , 2012, Int. J. Commun. Syst..

[4]  Yuh-Min Tseng,et al.  Towards generalized ID-based user authentication for mobile multi-server environment , 2012, Int. J. Commun. Syst..

[5]  Chun-Ta Li,et al.  A More Secure and Efficient Authentication Scheme with Roaming Service and User Anonymity for Mobile Communications , 2012, Inf. Technol. Control..

[6]  Falko Dressler,et al.  Practical Evaluation of the Performance Impact of Security Mechanisms in Sensor Networks , 2006, Proceedings. 2006 31st IEEE Conference on Local Computer Networks.

[7]  Shigefusa Suzuki,et al.  An Authentication Technique Based on Distributed Security Management for the Global Mobility Network , 1997, IEEE J. Sel. Areas Commun..

[8]  Lih-Chyau Wuu,et al.  Robust smart‐card‐based remote user password authentication scheme , 2014, Int. J. Commun. Syst..

[9]  Athanasios V. Vasilakos,et al.  Minimizing multiplayer interactive delay in multihop wireless networks , 2012, Int. J. Commun. Syst..

[10]  Deng Yong-jiang BASED ON BAN LOGIC ANALYSIS OTWAY-REES PROCOTOL , 2006 .

[11]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[12]  LeeCheng-Chi,et al.  Mobile device integration of a fingerprint biometric remote authentication scheme , 2012 .

[13]  Levente Buttyán,et al.  Extensions to an authentication technique proposed for the global mobility network , 2000, IEEE Trans. Commun..

[14]  Xinsong Liu,et al.  Cryptanalysis of a dynamic ID-based remote user authentication with key agreement scheme , 2012, Int. J. Commun. Syst..

[15]  Chu-Hsing Lin,et al.  Cryptanalysis of a New Authentication Scheme with Anonymity for Wireless Environments , 2004 .

[16]  Dong Hoon Lee,et al.  Security flaw of authentication scheme with anonymity for wireless communications , 2009, IEEE Communications Letters.

[17]  Cheng-Chi Lee,et al.  Security Enhancement on a New Authentication Scheme With Anonymity for Wireless Environments , 2006, IEEE Transactions on Industrial Electronics.

[18]  Duncan S. Wong,et al.  The performance measurement of cryptographic primitives on palm devices , 2001, Seventeenth Annual Computer Security Applications Conference.

[19]  Chun-Ta Li Secure Smart Card Based Password Authentication Scheme with User Anonymity , 2011, Inf. Technol. Control..

[20]  Chin-Chen Chang,et al.  A self-encryption mechanism for authentication of roaming and teleconference services , 2003, IEEE Trans. Wirel. Commun..

[21]  Paul Syverson,et al.  A Taxonomy of Replay Attacks , 1994 .

[22]  Wen-Guey Tzeng,et al.  Authentication of Mobile Users in Third Generation Mobile Systems , 2001, Wirel. Pers. Commun..

[23]  Falko Dressler,et al.  Experimental Performance Evaluation of Cryptographic Algorithms on Sensor Nodes , 2006, 2006 IEEE International Conference on Mobile Ad Hoc and Sensor Systems.

[24]  M.R. Doomun,et al.  Energy consumption and computational analysis of rijndael-AES , 2007, 2007 3rd IEEE/IFIP International Conference in Central Asia on Internet.

[25]  Cheng-Chi Lee,et al.  Mobile device integration of a fingerprint biometric remote authentication scheme , 2012, Int. J. Commun. Syst..

[26]  Jung-Shian Li,et al.  A hidden mutual authentication protocol for low-cost RFID tags , 2011, Int. J. Commun. Syst..

[27]  Bart Preneel,et al.  A secure privacy-preserving roaming protocol based on hierarchical identity-based encryption for mobile networks , 2008, WiSec '08.

[28]  Jianfeng Ma,et al.  A new authentication scheme with anonymity for wireless environments , 2004, IEEE Trans. Consumer Electron..

[29]  Qin Zhiguang,et al.  An Improved Security Protocol Formal Analysis with BAN Logic , 2009, 2009 International Conference on Electronic Commerce and Business Intelligence.

[30]  George Stefanou,et al.  Performance improvement of fixed wireless access networks by conjunction of dual polarization and time domain radio resource allocation technique , 2011, Int. J. Commun. Syst..

[31]  Chia-Chen Chen,et al.  User Authentication with Anonymity for Roaming Service with Smart Cards in Global Mobility Networks , 2014, Ad Hoc Sens. Wirel. Networks.