Advanced Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks

• Published in: Wireless personal communications Vol. 94; no. 3; pp. 1281 - 1296
• Main Authors: Lee, Cheng-Chi, Lai, Yan-Ming, Chen, Chi-Tung, Chen, Shun-Der
• Format: Journal Article
• Language: English
• Published: New York Springer US 01.06.2017; Springer Nature B.V
• Subjects: Communications Engineering; Computer Communication Networks; Electronic devices; Engineering; Networks; Signal,Image and Speech Processing; User requirements; Key agreement; Dynamic ID; Roaming environment; Anonymity authentication; Mobile environment
• ISSN: 0929-6212; 1572-834X
• DOI: 10.1007/s11277-016-3682-1

Recently, user authentication schemes for mobile devices have become increasingly critical. Because of wide use, numerous services for mobile devices are provided, and will continue to be required in the future. Occasionally, users must log on to a server to obtain services, and the server must authenticate that user. Because device resources, such as batteries, are always limited, the authentication scheme must be effective and secure. Recently, Mun et al. proposed their protocol to address this concern, claiming that their more effective scheme overcomes the weaknesses of previously proposed schemes. However, we determined that Mun et al.’s scheme is still sensitive to a masquerade attack and a man-in-the-middle attack, and fails to realize anonymity and prefect forward secrecy. In this field, we propose a novel scheme, which only uses one-way hash functions and exclusive-OR operations to implement user authentication for roaming services. The proposed scheme both solves the problems of Mun et al.’s scheme and be more effective.