Skip to main content
SpringerLink
Log in

Secure and efficient authentication protocol with user untraceability for global roaming services

  • Original Paper
  • Published:
Wireless Networks Aims and scope Submit manuscript

Abstract

In case of global roaming services, user authentication plays an important role in order to prevent any unauthorized user from accessing services. Preserving anonymity and unlinkability are also crucial to ensure user untraceability over public channel. However, achieving user authenticity and untraceability are not sufficient to guarantee a secure communication. Several active and passive attacks may breach the system security as the mode of communication is considered to be wireless. Hence, requiring a well-designed protocol to resist these vulnerabilities. In this article, we put forward a secure and efficient authentication protocol with user untraceability for global roaming services. The proposed protocol utilizes low-cost cryptographic primitives such as symmetric key encryption/decryption and one-way hash function. We use dynamic keys (rather than long-term keys) to ensure forward/backward secrecy of the session key. The use of dynamic pseudonym ensures user anonymity and unlinkability over public channel. In addition, there is no need to re-synchronize the peers in case of desynchronization attack. The security validation of the proposed protocol is done both formally and informally to ensure robustness of the protocol under various active and passive attacks. Finally, we compare our protocol with some recently proposed approaches in terms of various security and design parameters to ensure its efficiency for low-power applications of global roaming services.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Jiang, Y., Lin, C., Shen, X., & Shi, M. (2006). Mutual authentication and key exchange protocols for roaming services in wireless mobile networks. IEEE Transactions on Wireless Communications, 5(9), 2569–2577.

    Article  Google Scholar 

  2. Suzuki, S., & Nakada, K. (1997). An authentication technique based on distributed security management for the global mobility network. IEEE Journal on Selected Areas in Communications, 15(8), 1608–1617.

    Article  Google Scholar 

  3. Rahman, M. G., & Imai, H. (2002). Security in wireless communication. Wireless personal communications, 22(2), 213–228.

    Article  Google Scholar 

  4. Dolev, D., & Yao, A. (1983). On the security of public key protocols. IEEE Transactions on information theory, 29(2), 198–208.

    Article  MathSciNet  Google Scholar 

  5. Boyd, C., & Mathuria, A. (2013). Protocols for authentication and key establishment. Springer Science & Business Media.

  6. Samfat, D., Molva, R., & Asokan, N. (1995). Untraceability in mobile networks. In: Proceedings of the 1st annual international conference on Mobile computing and networking.

  7. Steinbrecher, S., & Kopsell, S. (2003). Modelling unlinkability. International Workshop on Privacy Enhancing Technologies (pp. 32–47).

  8. Odelu, V., Banerjee, S., Das, A. K., Chattopadhyay, S., Kumari, S., Li, X., & Goswami, A. (2017). A secure anonymity preserving authentication scheme for roaming service in global mobility networks. Wireless Personal Communications, 96(2), 2351–2387.

    Article  Google Scholar 

  9. Lee, B., & Kim, K. (2002). Receipt-free electronic voting scheme with a tamper-resistant randomizer. International Conference on Information Security and Cryptology (pp. 389–406).

  10. Kocher, P., Jaffe, J., & Jun, B. (1999). Differential power analysis. Annual International Cryptology Conference (pp. 388–397).

  11. Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.

    Article  MathSciNet  Google Scholar 

  12. Lu, Y., Xu, G., Li, L., & Yang, Y. (2019). Robust privacy preserving mutual authenticated key agreement scheme in roaming service for global mobility networks. IEEE Systems Journal, 13(2), 1454–1465.

    Article  Google Scholar 

  13. Menezes, A. J., Van Oorschot, P. C., & Vanstone, S. A. (1997). Handbook of applied cryptography. CRC Press.

  14. Gope, P., & Hwang, T. (2016). Lightweight and energy-efficient mutual authentication and key agreement scheme with user anonymity for secure communication in global mobility networks. IEEE Systems Journal, 10(4), 1370–1379.

    Article  Google Scholar 

  15. Gupta, M., & Chaudhari, N. S. (2018). Anonymous two factor authentication protocol for roaming service in global mobility network with security beyond traditional limit. Ad Hoc Networks, 84, 56–67.

    Article  Google Scholar 

  16. Zhao, D., Peng, H., Li, L., & Yang, Y. (2014). A secure and effective anonymous authentication scheme for roaming service in global mobility networks. Wireless Personal Communications, 78(1), 247–269.

    Article  Google Scholar 

  17. Roy, P. K., & Bhattacharya, A. (2021). Desynchronization resistant privacy preserving user authentication protocol for location based services. Peer-to-Peer Netw. Appl.https://doi.org/10.1007/s12083-021-01194-3

  18. Zhu, J., & Ma, J. (2004). A new authentication scheme with anonymity for wireless environments. IEEE Transactions on Consumer Electronics, 50(1), 231–235.

    Article  Google Scholar 

  19. Lee, C. C., Hwang, M. S., & Liao, I. E. (2006). Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE Transactions on Industrial Electronics, 53(5), 1683–1687.

    Article  Google Scholar 

  20. Wu, C. C., Lee, W. B., & Tsaur, W. J. (2008). A secure authentication scheme with anonymity for wireless communications. IEEE Communications Letters, 12(10), 722–723.

    Article  Google Scholar 

  21. Mun, H., Han, K., Lee, Y. S., Yeun, C. Y., & Choi, H. H. (2012). Enhanced secure anonymous authentication scheme for roaming service in global mobility networks. Mathematical and Computer Modelling, 55(1–2), 214–222.

    Article  MathSciNet  Google Scholar 

  22. Chang, C. C., Lee, C. Y., & Chiu, Y. C. (2009). Enhanced authentication scheme with anonymity for roaming service in global mobility networks. Computer Communications, 32(4), 611–618.

    Article  Google Scholar 

  23. He, D., Chan, S., Chen, C., Bu, J., & Fan, R. (2010). Design and validation of an efficient authentication scheme with anonymity for roaming service in global mobility networks. Wireless Personal Communications, 61(2), 465–476.

    Article  Google Scholar 

  24. Farash, M. S., Chaudhry, S. A., Heydari, M., Sajad Sadough, S. M., Kumari, S., & Khan, M. K. (2015). A lightweight anonymous authentication scheme for consumer roaming in ubiquitous networks with provable security. International Journal of Communication Systems, 30(4), e3019.

    Article  Google Scholar 

  25. Diffie, W., & Hellman, M. (1976). New directions in cryptography. IEEE transactions on Information Theory, 22(6), 644–654.

    Article  MathSciNet  Google Scholar 

  26. Zhou, T., & Xu, J. (2010). Provable secure authentication protocol with anonymity for roaming service in global mobility networks. Computer Networks, 55(1), 205–213.

    Article  Google Scholar 

  27. Jiang, Q., Ma, J., Li, G., & Yang, L. (2012). An enhanced authentication scheme with privacy preservation for roaming service in global mobility networks. Wireless Personal Communications, 68(4), 1477–1491.

    Article  Google Scholar 

  28. Wu, F., Xu, L., Kumari, S., Li, X., Khan, M. K., & Das, A. K. (2016). An enhanced mutual authentication and key agreement scheme for mobile user roaming service in global mobility networks. Annals of Telecommunications, 72(3–4), 131–144.

    Google Scholar 

  29. Wen, F., Susilo, W., & Yang, G. (2013). A secure and effective anonymous user authentication scheme for roaming service in global mobility networks. Wireless Personal Communications, 73(3), 993–1004.

    Article  Google Scholar 

  30. Gope, P., & Hwang, T. (2015). Enhanced secure mutual authentication and key agreement scheme preserving user anonymity in global mobile networks. Wireless Personal Communications, 82(4), 2231–2245.

    Article  Google Scholar 

  31. Memon, I., Hussain, I., Akhtar, R., & Chen, G. (2015). Enhanced privacy and authentication: An efficient and secure anonymous communication for location based service using asymmetric cryptography scheme. Wireless Personal Communications, 84(2), 1487–1508.

    Article  Google Scholar 

  32. Roy, P. K., & Bhattacharya, A. (2019). Secure and efficient anonymous authentication protocol for global roaming services (pp. 9–14).

  33. Xie, Q., & Hwang, L. (2019). Security enhancement of an anonymous roaming authentication scheme with two-factor security in smart city. Neurocomputing, 347, 131–138.

    Article  Google Scholar 

  34. Wood, A. D., & Stankovic, J. A. (2002). Denial of service in sensor networks. Computer, 35(10), 54–62.

    Article  Google Scholar 

  35. Raymond, D. R., & Midkiff, S. F. (2008). Denial-of-service in wireless sensor networks: Attacks and defenses. IEEE Pervasive Computing, 7(1), 74–81.

    Article  Google Scholar 

  36. Zhang, G., Fan, D., Zhang, Y., Li, X., & Liu, X. (2015). A privacy preserving authentication scheme for roaming services in global mobility networks. Security and Communication Networks, 8(16), 2850–2859.

    Article  Google Scholar 

  37. Xu, G., Liu, J., Lu, Y., Zeng, X., Zhang, Y., & Li, X. (2018). A novel efficient MAKA protocol with desynchronization for anonymous roaming service in global mobility networks. Journal of Network and Computer Applications, 107, 83–92.

    Article  Google Scholar 

  38. Sohail, M. M., Hassan, M., Mansoor, K., Ghani, A., & Jawad, K. (2020). An improved authentication protocol for global mobility network (glomonet). 2020 17th International Bhurban Conference on Applied Sciences and Technology (IBCAST) (pp. 401–406).

  39. Rogaway, P., & Shrimpton, T. (2004). Cryptographic hash-function basics: Definitions, implications, and separations for preimage resistance, second-preimage resistance, and collision resistance. International workshop on fast software encryption (pp. 371–388).

  40. Abdalla, M., Fouque, P. A., & Pointcheval, D. (2005). Password-based authenticated key exchange in the three-party setting. International Workshop on Public Key Cryptography (pp. 65–84).

  41. Burrows, M., Abadi, M., & Needham, R. M. (1989). A logic of authentication. Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences, 426(1871), 233–271.

    Article  MathSciNet  Google Scholar 

  42. Abadi, M., & Tuttle, M.R. (1991). A semantics for a logic of authentication. In PODC.

  43. Abbasinezhad-Mood, D., & Nikooghadam, M. (2018). Efficient anonymous password-authenticated key exchange protocol to read isolated smart meters by utilization of extended chebyshev chaotic maps. IEEE Transactions on Industrial Informatics, 14(11), 4815–4828.

    Google Scholar 

  44. The AVISPA Team: Avispa v1.1 user manual. Information society technologies programme (June 2006). www.avispa-project.org

  45. Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuellar, J., Drielsma, P.H., Heam, P.C., Kouchnarenko, O., & Mantovani, J. et al. (2005). The AVISPA tool for the automated validation of internet security protocols and applications. In International Conference on Computer Aided Verification (pp. 281-285).

  46. Von Oheimb, D. (2005). The high-level protocol specification language HLPSL developed in the EU project AVISPA. In Proceedings of APPSEM 2005 workshop.

  47. Basin, D., Modersheim, S., & Vigano, L. (2005). Ofmc: A symbolic model checker for security protocols. International Journal of Information Security, 4(3), 181–208.

    Article  Google Scholar 

  48. Turuani, M. (2006). The CL-AtSe protocol analyser. International Conference on Rewriting Techniques and Applications (pp. 277–286). Springer.

  49. Suarez-Albela, M., Fernandez-Carames, T.M., Fraga-Lamas, P., & Castedo, L. (2018). A practical performance comparison of ECC and RSA for resource-constrained IoT devices. In 2018 Global Internet of Things Summit (GIoTS) (pp. 1-6).

  50. Adalier, M., & Teknik, A. (2015). Efficient and secure elliptic curve cryptography implementation of curve p-256. Workshop on Elliptic Curve Cryptography Standards, 66, 446.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Indian Institute of Technology (Indian School of Mines), Dhanbad, India

    Prasanta Kumar Roy & Ansuman Bhattacharya

Authors
  1. Prasanta Kumar Roy
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ansuman Bhattacharya
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Prasanta Kumar Roy.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Supplementary Information

Below is the link to the electronic supplementary material.

Supplementary material 1 (pdf 71 KB)

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Roy, P.K., Bhattacharya, A. Secure and efficient authentication protocol with user untraceability for global roaming services. Wireless Netw 27, 5189–5206 (2021). https://doi.org/10.1007/s11276-021-02800-1

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11276-021-02800-1

Keywords

Search

Navigation