Privacy-preserving mobile roaming authentication with security proof in global mobility networks

Mobile roaming authentication scheme achieves the mutual authentication and session key establishment between the mobile user and the foreign agent. In 2013, Xie et al. pointed out that Chen et al.'s scheme is vulnerable to offline password attack, and does not achieve fair session key generation, user untraceability, user friendliness, and perfect forward secrecy, and then they proposed an improved scheme. In this paper, we propose an improvement of Xie et al.'s scheme, since the foreign agent may confuse the mobile users when multiple mobile users simultaneously access the foreign agent in Xie et al.'s scheme. Further, we prove the formal security of the proposed scheme, and present the performance comparison between our scheme and some related schemes. The proposed scheme is more efficient and secure than other related schemes and is suitable for using in the global mobility network. © 2014 Qi Xie et al.