Skip to main content
SpringerLink
Log in

A Secure Anonymous Authentication Protocol for Roaming Service in Resource-Constrained Mobility Environments

  • Research Article - Computer Engineering and Computer Science
  • Published:
Arabian Journal for Science and Engineering Aims and scope Submit manuscript

Abstract

Mobile user authentication is very crucial to ensure the authenticity and privacy of roaming users in mobility environments. The existing communication technologies are highly vulnerable to security threats and pose a great challenge for the wireless networks being used today. Because the mode of a wireless channel is open, these networks do not carry any inherent security and hence are more prone to threats. Consequently, designing a robust scheme for roaming service in the mobile environment is always challenging. Recently, Kuo et al. proposed an efficient authentication protocol for roaming and they claimed that the protocol can resist several security threats in mobile networks. In this paper, we analyze the security of Kuo et al.’s. authentication protocol and show that the protocol is exposed to an insider attack, replay attack, denial-of-service attack and cannot provide fair key agreement, user untraceability, and local password verification. To combat these security flaws, we propose a secure authentication scenario for roaming service using elliptic curve cryptosystem. The proposed authentication protocol is implemented in HLPSL language using automated validation of internet security protocols and applications as a formal verification tool to prove that the novel protocol is free from known attacks. Further, we applied Burrows–Abadi–Needham logic to validate the correctness of the authentication system. The proposed protocol not only improves security but also retains a low communicational and computational overhead.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12

Similar content being viewed by others

References

  1. Suzuki, S.; Nakada, K.: An authentication technique based on distributed security management for the global mobility network. IEEE J. Sel. Areas Commun. 15(8), 1608–1617 (1997)

    Article  Google Scholar 

  2. Xu, J.; Zhu, W.-T.; Feng, D.-G.: An efficient mutual authentication and key agreement protocol preserving user anonymity in mobile networks. Comput. Commun. 34(3), 319–325 (2011)

    Article  Google Scholar 

  3. Karuppiah, M.; Saravanan, R.: A secure authentication scheme with user anonymity for roaming service in global mobility networks. Wirel. Pers. Commun. 84(3), 2055–2078 (2015)

    Article  Google Scholar 

  4. Jiang, Q.; Ma, J.; Li, G.; Yang, L.: Robust two-factor authentication and key agreement preserving user privacy. Int. J. Netw. Secur. 16(3), 229–240 (2014)

    Google Scholar 

  5. Roman, R.; Lopez, J.; Mambo, M.: Mobile edge computing, Fog et al.: a survey and analysis of security threats and challenges. Future Gener. Comput. Syst. 78, 680–698 (2018)

    Article  Google Scholar 

  6. Xie, Q.; Hu, B.; Tan, X.; Bao, M.; Yu, X.: Robust anonymous two-factor authentication scheme for roaming service in global mobility network. Wirel. Pers. Commun. 74(2), 601–614 (2014)

    Article  Google Scholar 

  7. Jiang, Q.; Ma, J.; Li, G.; Yang, L.: An enhanced authentication scheme with privacy preservation for roaming service in global mobility networks. Wirel. Pers. Commun. 68(4), 1477–1491 (2013)

    Article  Google Scholar 

  8. Ha, J.: An efficient and robust anonymous authentication scheme in global mobility networks. Int. J. Secur. Appl. 9(10), 297–312 (2015)

    Google Scholar 

  9. Yoon, E.-J.; Yoo, K.-Y.; Ha, K.-S.: A user friendly authentication scheme with anonymity for wireless communications. Comput. Electr. Eng. 37(3), 356–364 (2011)

    Article  Google Scholar 

  10. Lee, C.-C.; Hwang, M.-S.; Liao, I.-E.: Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE Trans. Ind. Electron. 53(5), 1683–1687 (2006)

    Article  Google Scholar 

  11. Chang, C.-C.; Lee, C.-Y.; Chiu, Y.-C.: Enhanced authentication scheme with anonymity for roaming service in global mobility networks. Comput. Commun. 32(4), 611–618 (2009)

    Article  Google Scholar 

  12. Youn, T.-Y.; Park, Y.-H.; Lim, J.: Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks. IEEE Commun. Lett. 13(7), 471–473 (2009)

    Article  Google Scholar 

  13. Li, C.-T.; Lee, C.-C.: A novel user authentication and privacy preserving scheme with smart cards for wireless communications. Math. Comput. Model. 55(1), 35–44 (2012)

    Article  MathSciNet  MATH  Google Scholar 

  14. He, D.; Ma, M.; Zhang, Y.; Chen, C.; Bu, J.: A strong user authentication scheme with smart cards for wireless communications. Comput. Commun. 34(3), 367–374 (2011)

    Article  Google Scholar 

  15. Zhao, D.; Peng, H.; Li, L.; Yang, Y.: A secure and effective anonymous authentication scheme for roaming service in global mobility networks. Wirel. Pers. Commun. 78(1), 247–269 (2014)

    Article  Google Scholar 

  16. Kuo, W.-C.; Wei, H.-J.; Cheng, J.-C.: An efficient and secure anonymous mobility network authentication scheme. J. Inf. Secur. Appl. 19(1), 18–24 (2014)

    Google Scholar 

  17. Xie, Q.; Hu, B.; Tan, X.; Wong, D.S.: Chaotic maps-based strong anonymous authentication scheme for roaming services in global mobility networks. Wirel. Pers. Commun. 96(4), 5881–5896 (2017)

    Article  Google Scholar 

  18. Odelu, V.; Banerjee, S.; Das, A.K.; Chattopadhyay, S.; Kumari, S.; Li, X.; Goswami, A.: A secure anonymity preserving authentication scheme for roaming service in global mobility networks. Wirel. Pers. Commun. 96(2), 2351–2387 (2017)

    Article  Google Scholar 

  19. Wu, F.; Li, X.; Xu, L.; Kumari, S.; Sangaiah, A.K.: A novel mutual authentication scheme with formal proof for smart healthcare systems under global mobility networks notion. Comput. Electr. Eng. 68, 107–118 (2018)

    Article  Google Scholar 

  20. Xu, G.; Liu, J.; Lu, Y.; Zeng, X.; Zhang, Y.; Li, X.: A novel efficient maka protocol with desynchronization for anonymous roaming service in global mobility networks. J. Netw. Comput. Appl. 107, 83–92 (2018)

    Article  Google Scholar 

  21. Armando, A.; Basin, D.; Cuellar, J.; Rusinowitch, M.; Viganò, L.: Avispa: automated validation of internet security protocols and applications. ERCIM News 64, 281–285 (2006)

  22. Meadows, C.: The NRL protocol analyzer: an overview. J. Logic Program. 26(2), 113–131 (1996)

    Article  MATH  Google Scholar 

  23. Dai, W.: Crypto++ library 5.1-a free c++ class library of cryptographic schemes. http://www.cryptopp.com/ (2011)

  24. Zhu, J.; Ma, J.: A new authentication scheme with anonymity for wireless environments. IEEE Trans. Consum. Electron. 50(1), 231–235 (2004)

    Article  Google Scholar 

  25. Wu, C.-C.; Lee, W.-B.; Tsaur, W.-J.; et al.: A secure authentication scheme with anonymity for wireless communications. IEEE Commun. Lett. 12(10), 722–723 (2008)

    Article  Google Scholar 

  26. Wang, R.-C.; Juang, W.-S.; Lei, C.-L.; et al.: A robust authentication scheme with user anonymity for wireless environments. Int. J. Innov. Comput. Inf. Control 5(4), 1069–1080 (2009)

    Google Scholar 

  27. Jeon, W.; Kim, J.; Lee, Y.; Won, D.: Security analysis of authentication scheme for wireless communications with user anonymity. In: Park, J.H.J., Kim, J., Zou, D., Lee, Y.S. (eds.) Information Technology Convergence, Secure and Trust Computing, and Data Management, pp. 225–231. Springer, Dordrecht (2012)

    Chapter  Google Scholar 

  28. Mun, H.; Han, K.; Lee, Y.S.; Yeun, C.Y.; Choi, H.H.: Enhanced secure anonymous authentication scheme for roaming service in global mobility networks. Math. Comput. Model. 55(1), 214–222 (2012)

    Article  MathSciNet  MATH  Google Scholar 

  29. Madhusudhan, R.; et al.: A secure and lightweight authentication scheme for roaming service in global mobile networks. J. Inf. Secur. Appl. 38, 96–110 (2018)

    Google Scholar 

  30. Madhusudhan, R.; Shashidhara, R.: Mobile user authentication protocol with privacy preserving for roaming service in GLOMONET. Peer-to-Peer Netw. Appl. 12, 1–22 (2019)

  31. Diffie, W.; Hellman, M.E.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)

    Article  MathSciNet  MATH  Google Scholar 

  32. Kocher, P.; Jaffe, J.; Jun, B.: Differential power analysis. In: Advances in Cryptology—CRYPTO’99, pp. 388–397. Springer (1999)

  33. Wang, D.; He, D.; Wang, P.; Chu, C.-H.: Anonymous two-factor authentication in distributed systems: certain goals are beyond attainment. IEEE Trans. Dependable Secure Comput. 12(4), 428–442 (2015)

    Article  Google Scholar 

  34. Messerges, T.S.; Dabbish, E.A.; Sloan, R.H.: Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5), 541–552 (2002)

    Article  MathSciNet  MATH  Google Scholar 

  35. Basin, D.; Mödersheim, S.; Vigano, L.: OFMC: a symbolic model checker for security protocols. Int. J. Inf. Secur. 4(3), 181–208 (2005)

    Article  Google Scholar 

  36. Dolev, D.; Yao, A.: On the security of public key protocols. IEEE Trans. Inf. theory 29(2), 198–208 (1983)

    Article  MathSciNet  MATH  Google Scholar 

  37. Glouche, Y.; Genet, T.; Heen, O.; Courtay, O.: A security protocol animator tool for AVISPA. In: ARTIST2 Workshop on Security Specification and Verification of Embedded Systems, Pisa (2006)

  38. Reddy, A.G.; Das, A.K.; Yoon, E.-J.; Yoo, K.-Y.: A secure anonymous authentication protocol for mobile services on elliptic curve cryptography. IEEE Access 4, 4394–4407 (2016)

    Article  Google Scholar 

  39. Muftic, S.; Hatunic, E.: CISS: generalized security libraries. Comput. Secur. 11(7), 653–659 (1992)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Mathematical and Computational Sciences, National Institute of Technology Karnataka, Surathkal, 575025, Karnataka, India

    R. Madhusudhan & R. Shashidhara

Authors
  1. R. Madhusudhan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. R. Shashidhara
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to R. Madhusudhan.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Madhusudhan, R., Shashidhara, R. A Secure Anonymous Authentication Protocol for Roaming Service in Resource-Constrained Mobility Environments. Arab J Sci Eng 45, 2993–3014 (2020). https://doi.org/10.1007/s13369-019-04246-2

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s13369-019-04246-2

Keywords

Search

Navigation