Lightweight and provably secure user authentication with anonymity for the global mobility network

Research output: Journal Publications and Reviews (RGC: 21, 22, 62)21_Publication in refereed journalpeer-review

114 Scopus Citations
View graph of relations

Author(s)

  • Chun Chen
  • Daojing He
  • Jiajun Bu
  • Yi Gao
  • Rong Fan

Related Research Unit(s)

Detail(s)

Original languageEnglish
Pages (from-to)347-362
Journal / PublicationInternational Journal of Communication Systems
Volume24
Issue number3
Publication statusPublished - Mar 2011

Abstract

Seamless roaming in the global mobility network (GLOMONET) is highly desirable for mobile users, although their proper authentication is challenging. This is because not only are wireless networks susceptible to attacks, but also mobile terminals have limited computational power. Recently, some authentication schemes with anonymity for the GLOMONET have been proposed. This paper shows some security weaknesses in those schemes. Furthermore, a lightweight and provably secure user authentication scheme with anonymity for the GLOMONET is proposed. It uses only symmetric cryptographic and hash operation primitives for secure authentication. Besides, it takes only four message exchanges among the user, foreign agent and home agent. We also demonstrate that this protocol enjoys important security attributes including prevention of various attacks, single registration, user anonymity, user friendly, no password/verifier table, and use of one-time session key between mobile user and foreign agent. The security properties of the proposed protocol are formally validated by a model checking tool called AVISPA. Furthermore, as one of the new features in our protocol, it can defend smart card security breaches. © 2010 John Wiley & Sons, Ltd.

Research Area(s)

  • anonymity, authentication, global mobility network, model checking, security, smart card