Abstract
Designing a user authentication protocol with anonymity for the global mobility network (GLOMONET) is a difficult task because wireless networks are susceptible to attacks and each mobile user has limited power, processing and storage resources. In this paper, a secure and lightweight user authentication protocol with anonymity for roaming service in the GLOMONET is proposed. Compared with other related approaches, our proposal has many advantages. Firstly, it uses low-cost functions such as one-way hash functions and exclusive-OR operations to achieve security goals. Having this feature, it is more suitable for battery-powered mobile devices. Secondly, it uses nonces instead of timestamps to avoid the clock synchronization problem. Therefore, an additional clock synchronization mechanism is not needed. Thirdly, it only requires four message exchanges between the user, foreign agent and home agent. Further, the security properties of our protocol are formally validated by a model checking tool called AVISPA. We also demonstrate that this protocol enjoys important security attributes including prevention of various attacks, single registration, user anonymity, no password table, and high efficiency in password authentication. Security and performance analyses show that compared with other related authentication schemes, the proposed scheme is more secure and efficient.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Zhu J., Ma J. (2004) A new authentication scheme with anonymity for wireless environments. IEEE Transactions on Consumer Electronics 50(1): 230–234
Lee C. C., Hwang M. S., Liao I. E. (2006) Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE Transactions on Consumer Electronics 53(5): 1683–1687
Wu C. C., Lee W. B., Tsaur W. J. (2008) A secure authentication scheme with anonymity for wireless communications. IEEE Communications Letters 12(10): 722–723
Zeng P., Cao Z., Choo K-K. R., Wang S. (2009) On the anonymity of some authentication schemes for wireless communications. IEEE Communications Letters 13(3): 170–171
Lee J.-S., Chang J. H., Lee D. H. (2009) Security flaw of authentication scheme with anonymity for wireless communications. IEEE Communications Letters 13(5): 292–293
Chang C.-C., Lee C.-Y., Chiu Y.-C. (2009) Enhanced authentication scheme with anonymity for roaming service in global mobility networks. Computer Communications 32(4): 611–618
Youn T.-Y., Park Y.-H., Lim J. (2009) Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks. IEEE Communications Letters 13(7): 471–473
Liao Y.-P., Wang S.-S. (2009) A secure dynamic ID based remote user authentication scheme for multi-server environment. Computer Standards & Interfaces 31(1): 24–29
Hsiang H.-C., Shih W.-K. (2009) Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment. Computer Standards and Interfaces 31(6): 1118–1123
Daemen J., Rijmen V. (2002) The design of rijndael. Springer-Verlag New York, Inc. Secaucus, NJ, USA
Clarke E. M., Grumberg O., Peled D. A. (1999) Model checking. MIT Press, Cambridge
Dolev D., Yao A. (1983) On the security of public key protocols. IEEE Transactions on Information Theory 29(2): 198–208
Jiang Y., Lin C., Shen X., Shi M. (2006) Mutual authentication and key exchange protocols for roaming services in wireless mobile networks. IEEE Transactions on Wireless Communications 5(9): 2569–2577
National Institute of Standards and Technology, U.S. Department of Commerce. (2002). Secure Hash Standard. U.S. Federal Information Processing Standard Publication, pp. 180–182.
Wang, X., Yin, Y. L., & Yu, H. (2005). Finding collisions in the full SHA-1, Lecture Notes in Computer Science.
“IAIK Krypto Group - Description of SHA-1 Collision Search Project”.
Kocher, P. C., Jaffe, J., & Jun, B. (1999). Differential power analysis. In Proceeding of advances cryptology LNCS 1666 (pp. 388–397). Santa Barbara, CA, USA: Springer-Verlag.
He D., Cui L., Huang H., Ma M. (2009a) Design and verification of enhanced secure localization scheme in wireless sensor networks. IEEE Transactions on Parallel and Distributed Systems 20(7): 1050–1058
He D., Cui L., Huang H., Ma M. (2009b) Secure and efficient localization scheme in ultra-wideband sensor networks. Wireless Personal Communications, 50(4): 545–561
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
He, D., Chan, S., Chen, C. et al. Design and Validation of an Efficient Authentication Scheme with Anonymity for Roaming Service in Global Mobility Networks. Wireless Pers Commun 61, 465–476 (2011). https://doi.org/10.1007/s11277-010-0033-5
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-010-0033-5