On the design of security protocols for mobile communications
Use of mobile personal computers in open networked environment is revolutionalising the way we use computers. Mobile networked computing is raising important information security and privacy issues. This paper is concerned with the design of authentication protocols for a mobile computing environment. The paper first analyses the authentication initiator protocols proposed by Beller, Chang and Yacobi (BCY) and the modifications considered by Carlsen and points out some weaknesses. The paper then suggests improvements to these protocols. The paper proposes secure end-to-end protocols between mobile users using both symmetric and public key based systems. These protocols enable mutual authentication and establish a shared secret key between mobile users. Furthermore, these protocols provide a certain degree of anonymity of the communicating users to be achieved vis-a-vis other system users.
Unable to display preview. Download preview PDF.
- 1.Beller, M. J., Chang, L.-F., Yacobi, Y.: Privacy and authentication on a portable communications system. IEEE Journal on Selected Areas in Communications 11 (1993) 821–829.Google Scholar
- 2.Beller, M. J., Yacobi, Y.: Fully-fledged two-way public key authentication and key agreement for low-cost terminals. Electronics Letters 29 (1993) 999–1001.Google Scholar
- 3.Carlsen, U.: Optimal privacy and authentication on a portable communications system. ACM Operating Systems Review 28 (1994) 16–23.Google Scholar
- 4.Cox, D. C.: Portable digital radio communication — an approach to tetherless access. IEEE Communications Magazine 27 (1990).Google Scholar
- 5.Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Info. Theory 22 (1976) 644–654.Google Scholar
- 6.Hardjono, T., Seberry, J.:. Information security issues in mobile computing. In Proceedings of IFIP Sec'95 (1995) pp. 143–155.Google Scholar
- 7.Rabin, M. O.:. Digitalized signatures and public-key functions as intractable as factorization. Tech. Rep. TR 212 MIT Lab. Computer Science, Cambridge., Mass. Jan. 1979.Google Scholar
- 8.Varadharajan, V., Mu, Y.:. Authentication of mobile communications systems. In Proceedings of the 1996 IFIP Mobile Communication Conference (Sept 1996).Google Scholar
- 9.Varadharajian, V.:. Security for personal mobile networked computing. In Proceedings of the International Conference on Mobile and Personal Communications Systems (Australia, April 1995).Google Scholar
- 10.Williams, H. C.: A modification of RAS public-key encryption. IEEE Trans. Info. Theory IT-26 (1980) 726–729.Google Scholar