A Practical Authentication Protocol for Anonymous Web Browsing

  • Xu YangEmail author
  • Xun Yi
  • Hui Cui
  • Xuechao Yang
  • Surya Nepal
  • Xinyi Huang
  • Yali Zeng
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10701)


Authentication protocols with anonymity attract wide attention in recent years since they could protect users’ privacy. Anonymous web browsing refers to utilization of the World Wide Web that hides a user’s personally identifiable information from the websites visited. Even if a user can hide the IP address and other physical information with anonymity programs such as Tor, the web server can always monitor the user on the basis of the identity. In this paper, we propose a practical authentication protocol for anonymous web browsing. In the proposed protocol, we take the advantages of a pseudo identity mechanism and an identity-based elliptic curve cryptography algorithm to achieve the user anonymity, robust security as well as high efficiency. The results of security analysis and performance evaluation indicate the feasibility and practicality of our proposed anonymous authentication protocol.


Authentication Anonymous web browsing Privacy Security Efficiency 



This work is partial supported by Australian Research Council Discovery Project (DP160100913: Security and Privacy of Individual Data Used to Extract Public Information) and Data61 Research Collaborative Project (Enhancing Security and Privacy in IoT).


  1. 1.
    BlueKrypt: Nist key length recommended (2016).
  2. 2.
    Cao, X., Kou, W., Du, X.: A pairing-free identity-based authenticated key agreement protocol with minimal message exchanges. Inf. Sci. 180(15), 2895–2903 (2010)MathSciNetCrossRefzbMATHGoogle Scholar
  3. 3.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: the second-generation onion router. Technical report, DTIC Document (2004)Google Scholar
  4. 4.
    Halevi, S., Krawczyk, H.: Public-key cryptography and password protocols. ACM Trans. Inf. Syst. Secur. (TISSEC) 2(3), 230–268 (1999)CrossRefGoogle Scholar
  5. 5.
    He, D., Chen, C., Chan, S., Bu, J.: Secure and efficient handover authentication based on bilinear pairing functions. IEEE Trans. Wirel. Commun. 11(1), 48–53 (2012)CrossRefGoogle Scholar
  6. 6.
    He, D., Khan, K.M., Kumar, N.: A new handover authentication protocol based on bilinear pairing functions for wireless networks. Int. J. Ad Hoc Ubiquitous Comput. 18(1–2), 67–74 (2015)CrossRefGoogle Scholar
  7. 7.
    He, D., Zhang, Y., Chen, J.: Cryptanalysis and improvement of an anonymous authentication protocol for wireless access networks. Wirel. Pers. Commun. 74(2), 229–243 (2014)CrossRefGoogle Scholar
  8. 8.
    Hsieh, W.B., Leu, J.S.: Anonymous authentication protocol based on elliptic curve Diffie-Hellman for wireless access networks. Wirel. Commun. Mobile Comput. 14(10), 995–1006 (2014)CrossRefGoogle Scholar
  9. 9.
    Islam, S.H., Biswas, G.: A more efficient and secure id-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. J. Syst. Softw. 84(11), 1892–1898 (2011)CrossRefGoogle Scholar
  10. 10.
    Krawczyk, H.: HMQV: a high-performance secure Diffie-Hellman protocol. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 546–566. Springer, Heidelberg (2005). CrossRefGoogle Scholar
  11. 11.
    Li, G., Jiang, Q., Wei, F., Ma, C.: A new privacy-aware handover authentication scheme for wireless networks. Wirel. Pers. Commun. 80(2), 581–589 (2015)CrossRefGoogle Scholar
  12. 12.
    Neuman, B.C., Ts’o, T.: Kerberos: an authentication service for computer networks. IEEE Commun. Mag. 32(9), 33–38 (1994)CrossRefGoogle Scholar
  13. 13.
    Wang, D., Cheng, H., He, D., Wang, P.: On the challenges in designing identity-based privacy-preserving authentication schemes for mobile devices. IEEE Syst. J. PP(99), 1–10 (2016)CrossRefGoogle Scholar
  14. 14.
    Xie, Y., Wu, L., Kumar, N., Shen, J.: Analysis and improvement of a privacy-aware handover authentication scheme for wireless network. Wirel. Pers. Commun. 93(2), 523–541 (2017)CrossRefGoogle Scholar
  15. 15.
    Yang, J.H., Chang, C.C.: An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Comput. Secur. 28(3), 138–143 (2009)CrossRefGoogle Scholar
  16. 16.
    Yeo, S.L., Yap, W.S., Liu, J.K., Henricksen, M.: Comments on “analysis and improvement of a secure and efficient handover authentication based on bilinear pairing functions”. IEEE Commun. Lett. 17(8), 1521–1523 (2013)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Xu Yang
    • 1
    Email author
  • Xun Yi
    • 1
  • Hui Cui
    • 1
  • Xuechao Yang
    • 1
  • Surya Nepal
    • 2
  • Xinyi Huang
    • 3
  • Yali Zeng
    • 3
  1. 1.School of ScienceRMIT UniversityMelbourneAustralia
  2. 2.CSIRO Data61SydneyAustralia
  3. 3.School of Mathematics and informaticsFujian Normal UniversityFuzhouChina

Personalised recommendations