Anonymous handover authentication protocol for mobile wireless networks with conditional privacy preservation

Research Paper


With the development of the wireless communication technology and the popularity of mobile devices, the mobile wireless network (MWN) has been widely used in our daily life. Through the access point (AP), users could access the Internet anytime and anywhere using their mobile devices. Therefore, MWNs can bring much convenience to us. Due to the limitation of AP’s coverage, the seamless handover frequently occurs in practical applications. How to guarantee the user’s privacy and security and identify the real identity when he/she brings harm to the system becomes very challenging. To achieve such goals, many anonymous handover authentication (AHA) protocols have been proposed in the last several years. However, most of them have high computation costs because mobile nodes need to carry out the bilinear pairing operations or the hash-to-point operations. Besides, most of them cannot satisfy some critical requirements, such as non-traceability and perfect forward secrecy. In this paper, we first outline the security requirements of AHA protocols, and then propose a new AHA protocol to eliminate weaknesses existing in previous AHA protocols. Based on the hardness of two famous mathematical problems, we demonstrate that the proposed AHA protocol is secure against different kinds of attacks and can meet a variety of security requirements. It can be seen from the details of implementations that the proposed AHA protocol also has much less computation cost than three latest AHA protocols.


mobile wireless network handover authentication anonymity conditional privacy preservation provable security 



随着无线通信技术的发展和移动设备的流行, 移动无线网络在我们日常生活中得到了广泛应用。通过移动无线网络中的接入点, 用户利用移动设备可以随时随地访问互联网。由于接入点的的覆盖范围是有限的, 无缝切换会时常法伤。如何在切换过程中保证用户的隐私和安全, 并在用户给移动无线网络带来危害时识别他的真实身份, 是非常具有挑战性的事情。为了实现这些目标, 科研人员已经提出了许多匿名切换认证协议。由于这些协议中的移动节点需要执行复杂的双线性对运算和映射到点运算, 它们中的大多数具有非常高的计算复杂度。另外, 这些协议并不不能提供不可追踪、前向保密等重要的安全属性。本文概述了匿名切换认证协议需要满足的安全属性, 并提出了一个新的匿名切换认证协议来解决以往协议中的安全缺陷。在两个著名数学难题的困难性基础上, 本文证明了提出的认证协议能够抵抗多种攻击, 并能够满足列出的安全属性。实现结果表明, 提出的协议比最新的三个相关协议具有更低的计算复杂度。创新点:(1)提出了一个移动无线网络中具有条件隐私保护功能的匿名切换认证协议; (2)在随机预言机模型下证明提出的协议是可证明安全的; (3)对提出的协议和相关协议的计算复杂度和通信复杂分析进行了详细分析和比较。


  1. 1.
    Zheng X, Chen Y, Wang H, et al. Neighborhood prediction based decentralized key management for mobile wireless networks. Wirel Netw, 2013, 19: 1387–1406CrossRefGoogle Scholar
  2. 2.
    Tu H, Kumar N, He D, et al. An efficient password-based three-party authenticated multiple key exchange protocol for wireless mobile networks. J Supercomput, 2014, 70: 224–235CrossRefGoogle Scholar
  3. 3.
    Jo H, Paik J, Lee D. Efficient privacy-preserving authentication in wireless mobile networks. IEEE Trans Mobile Comput, 2014, 13: 1469–1481CrossRefGoogle Scholar
  4. 4.
    He D B, Zeadally S, Kumar N, et al. Anonymous authentication for wireless body area networks with provable security. IEEE Syst J, in press, doi: 10.1109/JSYST.2016.2544805Google Scholar
  5. 5.
    He D B, Kumar N, Shen H, et al. One-to-many authentication for access control in mobile pay-tv systems. Sci China Inf Sci, 2016, 59: 052108MathSciNetCrossRefGoogle Scholar
  6. 6.
    Shen H, Li Z, Chen K. A scalable and mobility-resilient data search system for large-scale mobile wireless networks. IEEE Trans Parall Distrib Syst, 2014, 25: 1124–1134CrossRefGoogle Scholar
  7. 7.
    Liang C, Yu F, Zhang X. Information-centric network function virtualization over 5G mobile wireless networks. IEEE Netw, 2015, 29: 68–74CrossRefGoogle Scholar
  8. 8.
    Menezes A J, Oorschot P C, Vanstone S A. Handbook of Applied Cryptography. Boca Raton: CRC Press, 1996CrossRefMATHGoogle Scholar
  9. 9.
    Choi J, Jung S. A secure and efficient handover authentication based on light-weight diffe-hellman on mobile node in fmipv6. IEICE Trans Commun, 2008, 91: 605–608CrossRefGoogle Scholar
  10. 10.
    Yang G, Huang Q, Wong D, et al. Universal authentication protocols for anonymous wireless communications. IEEE Trans Wirel Commun, 2010, 9: 168–174CrossRefGoogle Scholar
  11. 11.
    He D, Bu J, Chan S, et al. Privacy-preserving universal authentication protocol for wireless communications. IEEE Trans Wirel Commun, 2011, 10: 431–436CrossRefGoogle Scholar
  12. 12.
    He D, Bu J, Chan S, et al. Handauth: efficient handover authentication with conditional privacy for wireless networks. IEEE Trans Comput, 2013, 62: 616–622MathSciNetCrossRefGoogle Scholar
  13. 13.
    He D, Chen C, Chan S, et al. Secure and efficient handover authentication based on bilinear pairing functions. IEEE Trans Wirel Commun, 2012, 11: 48–53CrossRefGoogle Scholar
  14. 14.
    He D, Chen C, Chan S, et al. Analysis and improvement of a secure and efficient handover authentication for wireless networks. IEEE Commun Lett, 2012, 16: 1270–1273CrossRefGoogle Scholar
  15. 15.
    Yeo S, Yap W, Liu J, et al. Comments on “analysis and improvement of a secure and efficient handover authentication based on bilinear pairing functions”. IEEE Commun Lett, 2013, 17: 1521–1523CrossRefGoogle Scholar
  16. 16.
    Tsai J, Lo N, Wu T. Secure handover authentication protocol based on bilinear pairings. Wirel Personal Commun, 2013, 73: 1037–1047CrossRefGoogle Scholar
  17. 17.
    Wang W, Hu L. A secure and efficient handover authentication protocol for wireless networks. Sensors, 2014, 14: 11379–11394CrossRefGoogle Scholar
  18. 18.
    He D, Khan M, Kumar N. A new handover authentication protocol based on bilinear pairing functions for wireless networks. Int J Ad Hoc Ubiquit Comput, 2015, 18: 67–74CrossRefGoogle Scholar
  19. 19.
    Li G, Jiang Q, Wei F, et al. A new privacy-aware handover authentication scheme for wireless networks. Wirel Personal Commun, 2015, 80: 581–589CrossRefGoogle Scholar
  20. 20.
    Xie Y, Wu L, Kumar N, et al. Analysis and improvement of a privacy-aware handover authentication scheme for wireless network. Wirel Personal Commun, doi: 10.1007/s11277-016-3352-3Google Scholar
  21. 21.
    Fu A M, Qin N Y, Wang Y L, et al. Nframe: a privacy-preserving with non-frameability handover authentication protocol based on (t, n) secret sharing for lte/lte-a networks. Wirel Netw, in press. doi: 10.1007/s11276-016-1277-0Google Scholar
  22. 22.
    Choi K Y, Hwang J Y, Lee D H, et al. Id-based authenticated key agreement for low-power mobile devices. In: Proceedings of the 10th Australasian Conference on Information Security and Privacy, Brisbane, 2005. 494–505Google Scholar
  23. 23.
    Huang X, Xiang Y, Bertino E, et al. Robust multi-factor authentication for fragile communications. IEEE Trans Depend Secure Comput, 2014, 11: 568–581CrossRefGoogle Scholar
  24. 24.
    Huang X, Xiang Y, Chonka A, et al. A generic framework for three-factor authentication: preserving security and privacy in distributed systems. IEEE Trans Parall Distr Syst, 2011, 22: 1390–1397CrossRefGoogle Scholar
  25. 25.
    Shen J, Tan H, Moh S, et al. Enhanced secure sensor association and key management in wireless body area networks. J Commun Netw, 2015, 17: 453–462CrossRefGoogle Scholar
  26. 26.
    Xie S, Wang Y. Construction of tree network with limited delivery latency in homogeneous wireless sensor networks. Wirel Personal Commun, 2014, 78: 231–246CrossRefGoogle Scholar
  27. 27.
    Wang D, He D, Wang P, et al. Anonymous two-factor authentication in distributed systems: certain goals are beyond attainment. IEEE Trans Depend Secure Comput, 2015, 12: 428–442CrossRefGoogle Scholar
  28. 28.
    Wang D, Wang N, Wang P, et al. Preserving privacy for free: efficient and provably secure two-factor authentication scheme with user anonymity. Inf Sci, 2015, 321: 162–178CrossRefGoogle Scholar
  29. 29.
    Guo P, Wang J, Li B, et al. A variable threshold-value authentication architecture for wireless mesh networks. J Int Tech, 2014, 15: 929–936Google Scholar
  30. 30.
    He D, Zeadally S, Kumar N, et al. Efficient and anonymous mobile user authentication protocol using self-certied public key cryptography for multi-server architectures. IEEE Trans Inf Foren Secur, in press. doi: 10.1109/TIFS.2016.2573746Google Scholar
  31. 31.
    Shim K. Cpas: an efficient conditional privacy-preserving authentication scheme for sehicular sensor vetworks. IEEE Trans Veh Tech, 2012, 61: 1874–1883CrossRefGoogle Scholar
  32. 32.
    Pointcheval D, Stern J. Security arguments for digital signatures and blind signatures. J Cryptol, 2000, 13: 361–396CrossRefMATHGoogle Scholar

Copyright information

© Science China Press and Springer-Verlag Berlin Heidelberg 2016

Authors and Affiliations

  1. 1.State Key Laboratory of Software Engineering, Computer SchoolWuhan UniversityWuhanChina
  2. 2.State Key Laboratory of CryptologyBeijingChina
  3. 3.School of Electronics Engineering and Computer SciencePeking UniversityBeijingChina
  4. 4.Hangzhou Key Laboratory of Cryptography and Network SecurityHangzhou Normal UniversityHangzhouChina

Personalised recommendations