Anonymous and authenticated key exchange for roaming networks

Research output: Journal Publications and ReviewsRGC 21 - Publication in refereed journalpeer-review

66 Scopus Citations
View graph of relations

Author(s)

  • Guomin Yang
  • Duncan S. Wong
  • Xiaotie Deng

Related Research Unit(s)

Detail(s)

Original languageEnglish
Pages (from-to)3461-3472
Journal / PublicationIEEE Transactions on Wireless Communications
Volume6
Issue number9
Publication statusPublished - Sept 2007

Abstract

User privacy is a notable security issue in wireless communications. It concerns about user identities from being exposed and user movements and whereabouts from being tracked. The concern of user privacy is particularly signified in systems which support roaming when users are able to hop across networks administered by different operators. In this paper, we propose a novel construction approach of anonymous and authenticated key exchange protocols for a roaming user and a visiting server to establish a random session key in such a way that the visiting server authenticates the user's home server without knowing exactly who the user is. A network eavesdropper cannot find out the user's identity either (user anonymity). In addition, visited servers cannot track the roaming user's movements and whereabouts even they collude with each other (user untraceability). Our construction approach is generic and built upon provably secure two-party key establishment protocols. Merits of our generic protocol construction include eliminating alias synchronization between the user and the home server, supporting joint key control, and not relying on any special security assumptions on the communication channel between the visiting server and the user's home server. Our protocol can also be implemented efficiently. By piggybacking some message lows, the number of message flows between the roaming user and the visiting server is only three. As of independent interest, we describe a new practical attack called deposit-case attack and show that some previously proposed protocols are vulnerable to this attack. © 2007 IEEE.

Research Area(s)

  • Anonymity, Authenticated key exchange, Privacy, Roaming, Untraceability

Citation Format(s)

Anonymous and authenticated key exchange for roaming networks. / Yang, Guomin; Wong, Duncan S.; Deng, Xiaotie.
In: IEEE Transactions on Wireless Communications, Vol. 6, No. 9, 09.2007, p. 3461-3472.

Research output: Journal Publications and ReviewsRGC 21 - Publication in refereed journalpeer-review