A hybrid authentication protocol for large mobile network

As the rapid development of wireless LAN and mobile network layer protocol Mobile-IP, a mobile user is allowed to access the service at the visited domain after he has been authenticated. The designing criteria of the inter-domain authentication protocols include: the scalability, the communication efficiency and the computational efficiency, and the robustness of security. In this article, we first show the weakness of some existing protocols against the session key compromise, and then propose a new and efficient interdomain authentication protocol. Based on public key, challenge-response and hash chaining, this new approach simultaneously achieves several practical merits: (1) good scalability, (2) low communication cost and low computational cost, and (3) resistance to the session key compromise attack.

[1]  Bahram Honary,et al.  Novel authentication and key agreement protocol for low processing power and systems resource requirements in portable communications systems , 1999 .

[2]  Shiuh-Pyng Shieh,et al.  An Efficient Authentication Protocol for Mobile Networks , 1999, J. Inf. Sci. Eng..

[3]  Marvin A. Sirbu,et al.  Distributed authentication in Kerberos using public key cryptography , 1997, Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security.

[4]  Randy Chow,et al.  An efficient and secure authentication protocol using uncertified keys , 1995, OPSR.

[5]  John T. Kohl,et al.  The Kerberos Network Authentication Service (V5 , 2004 .

[6]  Nj Piscataway,et al.  Wireless LAN medium access control (MAC) and physical layer (PHY) specifications , 1996 .

[7]  C. Perkins,et al.  Mobile IP and security issue: an overview , 1999, First IEEE/POPOV Workshop on Internet Technologies and Services. Proceedings (Cat. No.99EX391).

[8]  Moti Yung,et al.  Systematic Design of a Family of Attack-Resistant Authentication Protocols , 1993, IEEE J. Sel. Areas Commun..

[9]  Armando Fox,et al.  Security on the move: indirect authentication using Kerberos , 1996, MobiCom '96.

[10]  Stephen T. Kent,et al.  A public-key based secure mobile IP , 1997, MobiCom '97.

[11]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[12]  Ravi Ganesan,et al.  Yaksha: augmenting Kerberos with public key cryptography , 1995, Proceedings of the Symposium on Network and Distributed System Security.

[13]  J.J. Tardo,et al.  SPX: global authentication using public key certificates , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.