Abstract
User authentication scheme is an essential issue for offering roaming service to mobile users in global mobile network (GLOMONET). However, designing an anonymous user authentication scheme in GLOMONET is a challenging task since wireless communication networks are susceptible to a variety of attacks and mobile devices are of limited storage, processing and communication capabilities. Recently, Miyoung and Rhee examined the schemes proposed by Wei et al. and Wu et al., and came up with an improved authentication scheme offering user anonymity in GLOMONET. We point out that Miyoung and Rhee scheme is exposed to off-line password guessing and user impersonation attacks. Also, their scheme cannot offer user anonymity, password change or updating option and quick detection of wrong password. In order to overcome the flaws present in Miyoung and Rhee scheme, we propose a dynamic ID-based generic framework for anonymous authentication scheme for roaming service in GLOMONET, which is invincible to various prying attacks of intruders. Furthermore, the performance analysis proves that our scheme is versatile, simple and secure when compared to the existing authentication schemes.
Similar content being viewed by others
References
Zhu, J., & Ma, J. (2004). A new authentication scheme with anonymity for wireless environments. IEEE Transactions on Consumer Electronics, 50(1), 231–235.
Lee, C. C., Hwang, M. S., & Liao, I. E. (2006). Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE Transactions on Industrial Electronics, 53(5), 1683–1687.
Wu, C. C., Lee, W. B., & Tsaur, W. J. (2008). A secure authentication scheme with anonymity for wireless communications. IEEE Communications Letters, 12(10), 722–723.
Chang, C. C., Lee, C. Y., & Chiu, Y. C. (2009). Enhanced authentication scheme with anonymity for roaming service in global mobility networks. Computer Communications, 32(4), 611–618.
Youn, T. Y., Park, Y. H., & Lim, J. (2009). Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks. IEEE Communications Letters, 13(7), 471–473.
Miyoung, K., & Rhee, H. S. (2011). Improved user authentication scheme with user anonymity for wireless communications. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 94(2), 860–864.
Hu, J. B., Xiong, H., & Chen, Z. (2012). Further improvement of an authentication scheme with user anonymity for wireless communications. International Journal of Network Security, 14(5), 297–300.
Yoon, E. J., Yoo, K. Y., & Ha, K. S. (2011). A user friendly authentication scheme with anonymity for wireless communications. Computers and Electrical Engineering, 37(3), 356–364.
Niu, J., & Li, X. (2014). A novel user authentication scheme with anonymity for wireless communications. Security and Communication Networks, 7(10), 1467–1476.
Li, C. T. (2012). A more secure and efficient authentication scheme with roaming service and user anonymity for mobile communications. Information Technology and Control, 41(1), 69–76.
Mun, H., Han, K., Lee, Y. S., Yeun, C. Y., & Choi, H. H. (2012). Enhanced secure anonymous authentication scheme for roaming service in global mobility networks. Mathematical and Computer Modelling, 55(1), 214–222.
Kim, J. S., & Kwak, J. (2012). Improved secure anonymous authentication scheme for roaming service in global mobility networks. International Journal of Security and its Applications, 6(3), 45–54.
He, D., Chan, S., Chen, C., Bu, J., & Fan, R. (2011). Design and validation of an efficient authentication scheme with anonymity for roaming service in global mobility networks. Wireless Personal Communications, 61(2), 465–476.
Jiang, Q., Ma, J., Li, G., & Yang, L. (2013). An enhanced authentication scheme with privacy preservation for roaming service in global mobility networks. Wireless Personal Communications, 68(4), 1477–1491.
Xu, J., Zhu, W. T., & Feng, D. G. (2011). An efficient mutual authentication and key agreement protocol preserving user anonymity in mobile networks. Computer Communications, 34(3), 319–325.
Wen, F., Susilo, W., & Yang, G. (2013). A secure and effective anonymous user authentication scheme for roaming service in global mobility networks. Wireless Personal Communications, 73(3), 993–1004.
He, D., Ma, M., Zhang, Y., Chen, C., & Bu, J. (2011). A strong user authentication scheme with smart cards for wireless communications. Computer Communications, 34(3), 367–374.
Li, C. T., & Lee, C. C. (2012). A novel user authentication and privacy preserving scheme with smart cards for wireless communications. Mathematical and Computer Modelling, 55(1), 35–44.
Jeon, W., Lee, Y., & Won, D. (2013). An efficient user authentication scheme with smart cards for wireless communications. International Journal of Security and Its Applications, 7(4), 1–5.
Li, H., Yang, Y., Pang, L. (2013). An efficient authentication protocol with user anonymity for mobile networks. In IEEE wireless communications and networking conference (WCNC 2013) (pp. 1842–1847). Hanghai, China.
Wang, D., Wang, P., & Liu, J. (2014). Improved privacy-preserving authentication scheme for roaming service in mobile networks. In IEEE wireless communications and networking conference (WCNC 2014) (pp. 3136–3141). Istanbul, Turkey.
Kuo, W. C., Wei, H. J., & Cheng, J. C. (2014). An efficient and secure anonymous mobility network authentication scheme. Journal of Information Security and Applications, 19(1), 18–24.
Lu, Y., Wu, X., & Yang, X. (2015). A secure anonymous authentication scheme for wireless communications using smart cards. International Journal of Network Security, 17(3), 237–245.
Farash, M. S., Chaudhry, S. A., Heydari, M., Sadough, S. M. S., Kumari, S., & Khan, M. K. (2015). A lightweight anonymous authentication scheme for consumer roaming in ubiquitous networks with provable security. International Journal of Communication System. doi:10.1002/dac.3019.
Xie, Q., Hong, D., Bao, M., Dong, N., & Wong, D. S. (2014). Privacy-preserving mobile roaming authentication with security proof in global mobility networks. International Journal of Distributed Sensor Networks, 10(5), 1–7.
He, D., Khan, M. K., & Kumar, N. (2015). A new handover authentication protocol based on bilinear pairing functions for wireless networks. International Journal of Ad Hoc and Ubiquitous Computing, 18(1–2), 67–74.
He, D., Kumar, N., Khan, M. K., & Lee, J. H. (2013). Anonymous two-factor authentication for consumer roaming service in global mobility networks. IEEE Transactions on Consumer Electronics, 59(4), 811–817.
He, D., Zhang, Y., & Chen, J. (2014). Cryptanalysis and improvement of an anonymous authentication protocol for wireless access networks. Wireless Personal Communications, 74(2), 229–243.
He, D., Chen, J., & Hu, J. (2012). An ID-based client authentication with key agreement protocol for mobile client–server environment on ECC with provable security. Information Fusion, 13(3), 223–230.
Jiang, Q., Ma, J., Lu, X., & Tian, Y. (2015). An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks. Peer-to-Peer Networking and Applications, 8(6), 1070–1081.
Jiang, Q., Ma, J., Li, G., & Yang, L. (2014). An efficient ticket based authentication protocol with unlinkability for wireless access networks. Wireless Personal Communications, 77(2), 1489–1506.
Abadi, M., Blanchet, B., & Comon-Lundh, H. (2009). Models and proofs of protocol security: A progress report. Proceedngs of Computer Aided Verification, Lecture Notes in Computer Science, 5643, 35–49.
Kocher, P., Jaffe, J., & Jun, B. (1999) Differential power analysis. In Proceedings of Advances in Cryptology–CRYPTO’99, Lecture Notes in Computer Science (vol. 1666, pp. 388–397).
Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.
Jiang, Q., Khan, M. K., Lu, X., Ma, J., He, D. (2016). A privacy preserving three-factor authentication protocol for e-Health clouds. The Journal of Supercomputing. doi:10.1007/s11227-015-1610-x.
Jiang, Q., Wei, F., Fu, S., Ma, J., Li, G., & Alelaiwi, A. (2016). Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy. Nonlinear Dynamics, 83(4), 2085–2101.
Karuppiah, M., & Saravanan, R. (2014). A secure remote user mutual authentication scheme using smart cards. Journal of Information Security and Applications, 19(4–5), 257–320.
Karuppiah, M., & Saravanan, R. (2015). A secure authentication scheme with user anonymity for roaming service in global mobility networks. Wireless Personal Communications, 84(3), 2055–2078.
Karuppiah, M., & Saravanan, R. (2015). Cryptanalysis and an improvement of new remote mutual authentication scheme using smart cards. Journal of Discrete Mathematical Sciences and Cryptography, 18(5), 623–649.
Wu, F., Xu, L., Kumari, S., Das, A. K., Khan, M. K., Karuppiah, M., et al. (2016). A novel and provably secure authentication and key agreement scheme with user anonymity for global mobility networks. Security and Communication Networks. doi:10.1002/sec.1551.
Online demo for ProVerif. http://proverif.rocq.inria.fr/. Accessed Jan 2015.
ElGamal, T. (1985). A public key cryptosystem and a signature scheme based on discrete logarithms. Proceedings of Advances in Cryptology, Lecture Notes in Computer Science, 196, 10–18.
Li, C. T., Hwang, M. S., & Chu, Y. P. (2008). A secure and efficient communication scheme with authenticated key establishment and privacy preserving for vehicular ad hoc networks. Computer Communications, 31(12), 2803–2814.
Kargl, A., Pyka, S., & Seuschek, H. (2008). Fast arithmetic on atmega128 for elliptic curve cryptography. IACR Cryptology ePrint Archive, 2008, 442.
Acknowledgments
Authors would like to thank the anonymous reviewers for their valuable suggestions and comments that highly improved the readability and completeness of the paper. Authors also acknowledge the management of VIT University for providing the wonderful support to do the research work. This work was supported by the National Natural Science Foundation of China under Grant no. 61300220, and the Scientific Research Fund of Hunan Provincial Education Department under Grant no. 16B089. The Author Fan Wu is supported by University Distinguished Young Research Talent Training Program of Fujian Province (Year 2016), and Fujian Education and Scientific Research Program for Young and Middle-aged Teachers under Grant No. JA14369.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Karuppiah, M., Kumari, S., Li, X. et al. A Dynamic ID-Based Generic Framework for Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks. Wireless Pers Commun 93, 383–407 (2017). https://doi.org/10.1007/s11277-016-3672-3
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-016-3672-3