Liling Cao,Zhang Yu,Yuqing Liu,Shouqi Cao

DOI: https://doi.org/10.1109/access.2021.3080839

IF: 3.9

2021-01-01

IEEE Access

Abstract:Aiming at to avoid the drawbacks of the identity privacy protection scheme in Long Term Evolution-Wireless Local Area Network (LTE-WLAN) heterogeneous converged network proposed by the 3rd Generation Partnership Project (3GPP), an improved scheme based on identity index is proposed to achieve anonymity, untraceability and dynamic identity. Security analysis shows that our proposed scheme can prevent replay attack and man-in-the-middle attack for network layer authentication. The results of comparison with the related schemes show that security and efficiency of our proposed scheme is prior to some other existing ones with low computation cost and short time delay.

computer science, information systems,telecommunications,engineering, electrical & electronic

Myrto Arapinis,Loretta Ilaria Mancini,Eike Ritter,Mark Ryan

DOI: https://doi.org/10.48550/arXiv.1109.2066

2011-09-10

Abstract:The ubiquitous presence of mobile communication devices and the continuous development of mo- bile data applications, which results in high level of mobile devices' activity and exchanged data, often transparent to the user, makes privacy preservation an important feature of mobile telephony systems. We present a formal analysis of the UMTS Authentication and Key Agreement protocol, using the applied pi-calculus and the ProVerif tool. We formally verify the model with respect to privacy properties. We show a linkability attack which makes it possible, for individuals with low-cost equipment, to trace UMTS subscribers. The attack exploits information leaked by poorly designed error messages.

Cryptography and Security

Jianwei Niu,Xiong Li

DOI: https://doi.org/10.1002/sec.601

IF: 1.968

2012-01-01

Security and Communication Networks

Abstract:ABSTRACTUser authentication and privacy protection are important issues for wireless and mobile communication systems such as GSM, 3G, and 4G wireless networks. Recently, Yoon et al. proposed a user‐friendly authentication scheme with anonymity for wireless communications. However, in this paper, we show that user anonymity of their scheme is not achieved under the eavesdropping attack and their scheme is not fair in the key agreement. In order to ensure security authentication and protect user anonymity for wireless communications, we propose a novel user authentication scheme with anonymity based on elliptic curve cryptosystem, which can resist various known types of attacks and is more practical for wireless and mobile communications. Copyright © 2012 John Wiley & Sons, Ltd.

Fan Wu,Lili Xu,Saru Kumari,Xiong Li,Ashok Kumar Das,Muhammad Khurram Khan,Marimuthu Karuppiah,Renuka Baliyan

DOI: https://doi.org/10.1002/sec.1558

IF: 1.968

2016-01-01

Security and Communication Networks

Abstract:Ubiquitous networks support the roaming service for mobile communication devices. The mobile user can use the services in the foreign network with the help of the home network. Mutual authentication plays an important role in the roaming services, and researchers put their interests on the authentication schemes. Recently, in 2016, Gope and Hwang found that mutual authentication scheme of He et al. for global mobility networks had security disadvantages such as vulnerability to forgery attacks, unfair key agreement, and destitution of user anonymity. Then, they presented an improved scheme. However, we find that the scheme cannot resist the off-line guessing attack and the de-synchronization attack. Also, it lacks strong forward security. Moreover, the session key is known to HA in that scheme. To get over the weaknesses, we propose a new two-factor authentication scheme for global mobility networks. We use formal proof with random oracle model, formal verification with the tool Proverif, and informal analysis to demonstrate the security of the proposed scheme. Compared with some very recent schemes, our scheme is more applicable. Copyright © 2016 John Wiley & Sons, Ltd.

Yixin Jiang,Chuang Lin,Xuemin Shen,Minghui Shi

DOI: https://doi.org/10.1007/11422778_10

2005-01-01

Abstract:Two novel mutual authentication and key exchange protocols with anonymity are proposed for different roaming scenarios in the global mobility network (GLOMONET). The proposed protocols have new features, such as identity anonymity and one-time session key progression. Identity anonymity protects mobile users' privacy in the roaming network environment. One-time session key progression frequently renews the session key for mobile users and reduces the risk of using a compromised session key to communicate with visited networks. It is shown that the computation complexity of the proposed protocols is similar to the existing one appeared in the literature, while the security has been significantly enhanced.

Guomin Yang,Qiong Huang,Duncan S. Wong,Xiaotie Deng

DOI: https://doi.org/10.1109/twc.2010.01.081219

IF: 10.4

2010-01-01

IEEE Transactions on Wireless Communications

Abstract:A secure roaming protocol allows a roaming user.. to visit a foreign server.. and establish a session key in an authenticated way such that.. authenticates.. and at the same time convinces.. that it is a legitimate subscriber of some server H, called the home server of U. The conventional approach requires the involvement of all the three parties. In this paper, we propose a new approach which requires only two parties, U and V, to get involved. We propose two protocols: one provides better efficiency and supports user anonymity to an extent comparable to that provided by current mobile systems; and the other one achieves Strong User Anonymity that protects U's identity against both eavesdroppers and foreign servers and is currently the strongest notion of user anonymity defined for secure roaming. Both protocols are universal in the sense that the same protocol and signaling flows are used regardless of the domain ( home or foreign) that.. is visiting. This helps reducing the system complexity in practice. We also propose a practical user revocation mechanism, which is one of the most challenging problems for two-party roaming supporting Strong User Anonymity. Our solutions can be applied in various kinds of roaming networks such as Cellular Networks and interconnected Wireless Local Area Networks.

Chun Chen,Daojing He,samuel y c chan,Jiajun Bu,Yi Gao,Rong Fan

DOI: https://doi.org/10.1002/dac.1158

2011-01-01

International Journal of Communication Systems

Abstract:Seamless roaming in the global mobility network (GLOMONET) is highly desirable for mobile users, although their proper authentication is challenging. This is because not only are wireless networks susceptible to attacks, but also mobile terminals have limited computational power. Recently, some authentication schemes with anonymity for the GLOMONET have been proposed. This paper shows some security weaknesses in those schemes. Furthermore, a lightweight and provably secure user authentication scheme with anonymity for the GLOMONET is proposed. It uses only symmetric cryptographic and hash operation primitives for secure authentication. Besides, it takes only four message exchanges among the user, foreign agent and home agent. We also demonstrate that this protocol enjoys important security attributes including prevention of various attacks, single registration, user anonymity, user friendly, no password/verifier table, and use of one-time session key between mobile user and foreign agent. The security properties of the proposed protocol are formally validated by a model checking tool called AVISPA. Furthermore, as one of the new features in our protocol, it can defend smart card security breaches. Copyright © 2010 John Wiley & Sons, Ltd. (In this paper, we propose a lightweight and provably secure user authentication scheme with anonymity for the global mobility network. It uses only symmetric cryptographic and hash operation primitives for secure authentication. Besides, it takes only four message exchanges among the user, foreign agent and home agent. We also demonstrate that this protocol enjoys important security attributes including prevention of various attacks, single registration, user anonymity and user friendly. Furthermore, it can defend smart card security breaches.)

Daojing He,Sammy Chan,Chun Chen,Jiajun Bu,Rong Fan

DOI: https://doi.org/10.1007/s11277-010-0033-5

IF: 2.017

2010-01-01

Wireless Personal Communications

Abstract:Designing a user authentication protocol with anonymity for the global mobility network (GLOMONET) is a difficult task because wireless networks are susceptible to attacks and each mobile user has limited power, processing and storage resources. In this paper, a secure and lightweight user authentication protocol with anonymity for roaming service in the GLOMONET is proposed. Compared with other related approaches, our proposal has many advantages. Firstly, it uses low-cost functions such as one-way hash functions and exclusive-OR operations to achieve security goals. Having this feature, it is more suitable for battery-powered mobile devices. Secondly, it uses nonces instead of timestamps to avoid the clock synchronization problem. Therefore, an additional clock synchronization mechanism is not needed. Thirdly, it only requires four message exchanges between the user, foreign agent and home agent. Further, the security properties of our protocol are formally validated by a model checking tool called AVISPA. We also demonstrate that this protocol enjoys important security attributes including prevention of various attacks, single registration, user anonymity, no password table, and high efficiency in password authentication. Security and performance analyses show that compared with other related authentication schemes, the proposed scheme is more secure and efficient.

Marimuthu Karuppiah,Saru Kumari,Ashok Kumar Das,Xiong Li,Fan Wu,Sayantani Basu

DOI: https://doi.org/10.1002/sec.1598

IF: 1.968

2016-01-01

Security and Communication Networks

Abstract:Ubiquitous networks provide effective roaming services for mobile users (MUs). Through the worldwide roaming technology, authorized MUs can avail ubiquitous network services. Important security issues to be considered in ubiquitous networks are authentication of roaming MUs and protection of privacy of MUs. However, because of the broadcast nature of wireless channel and resource limitations of terminals, providing efficient user authentication with privacy preservation is a challenging task. Very recently, Farash et al. proposed an authentication scheme with anonymity for consumer roaming in ubiquitous networks and claimed their scheme achieves all security requirements. In this paper, we show that the scheme of Farash et al. fails to achieve user anonymity and mutual authentication. Their scheme also fails to provide local password verification, and it has a faulty password change phase. Moreover, their scheme is vulnerable to replay, offline password guessing, and forgery attacks. To fix the security flaws of the scheme of Farash et al., we present an improved authentication scheme for accessing roaming service provided by ubiquitous networks. We then formally verify the security properties of our scheme by the widely-accepted push-button tool called Automated Validation of Internet Security Protocols and Applications. Security and performance analyses show that our scheme is more powerful, efficient, and secure when it is compared with existing schemes. Copyright (C) 2016 John Wiley & Sons, Ltd.

Shashidhara R.,Bojjagani Sriramulu,Maurya Anup Kumar,Kumari Saru,Xiong Hu

DOI: https://doi.org/10.1007/s12083-020-00929-y

IF: 3.488

2020-01-01

Peer-to-Peer Networking and Applications

Abstract:The authentication system plays a crucial role in the context of GLObal MObility NETwork (GLOMONET) where Mobile User (MU) often need to seamless and secure roaming service over multiple Foreign Agents (FA). However, designing a robust and anonymous authentication protocol along with a user privacy is essential and challenging task. Due to the resource constrained property of mobile terminals, the broadcast nature of a wireless channel, mobility environments are frequently exposed to several attacks. Many researchers focus their interests on designing an efficient and secure mobile user authentication protocol for mobility networks. Very recently (in 2018), Xu et al presented the novel anonymous authentication system for roaming in GLOMONET, and insisted that their protocol is more secure than existing authentication protocols. The security strength of Xu et al.'s authentication protocol is analysed and identified that the protocol is vulnerable to stolen verifier attack, privileged insider attack, impersonation attack and denial of service attack. In-fact, the protocol suffers from clock synchronization problem and cannot afford local password-verification to detect wrong passwords quickly. As a remedy, we proposed an efficient and robust anonymous authentication protocol for mobility networks. The proposed mobile user authentication protocol achieves the provable security and has the ability to resist against numerous network attacks. Besides, the correctness of the novel authentication protocol is validated using formal security tool called AVISPA (Automated Validation of Internet Security Protocols & Applications). Finally, the performance analysis and simulation results reveals that the proposed authentication protocol is computationally efficient and practically implementable in resource limited mobility environments.

Lihua Liu

DOI: https://doi.org/10.1109/jsyst.2024.3490536

IF: 4.802

2024-12-07

IEEE Systems Journal

Abstract:We show that the authentication protocol (Ma and Cheng [10]) fails to keep user anonymity, not as claimed. We suggest a method to fix it. Besides, we find there is a flawed equality, in which some terms are inaccessible to the user. This flaw results in the failure for the user to finish his computations. We also suggest a method to fix this mistake.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

张斌,邬江兴

DOI: https://doi.org/10.3969/j.issn.1000-7180.2003.08.013

2003-01-01

Abstract:The anonymity of mobile user must be considered sufficiently during the authentication of user in a mobile com-puting environment.In this paper,we present a classificationscheme of anonymity of mobile user,give three methods of solv-ing the anonymity of mobile user including shared key method,public key method and hybrid method.Then we analyze these methods,point out the existing problems and propose some im-provement to overcome the constraint of homeless authentica-tion protocol.

Mohammed Ramadan,Fagen Li,Chunxiang Xu,Abdeldime Mohamed,Hisham Abdalla,Ahmed Abdalla Ali

DOI: https://doi.org/10.6633/ijns.201607.18(4).17

2016-01-01

Abstract:Long Term Evolution LTE is the first technology that provides exclusively packet-switched data and modifies the security architecture of the 2G and 3G systems. The LTE security architecture offers confidentiality, access control, a kind of obscurity and mutual authentication. However, numerous types of attacks can be encountered during the mutual authentication process which is a challenge-response based technique. Therefore, a high secure public key algorithm can be implemented to improve the network security services. As the network operator is often considered as not being a highly trusted party and can thus face threats, the communications ends are the only secure parties to provide such security features. This paper pro- poses a secure mutual authentication and key agreement scheme for LTE cellular system with user-to-user security. The network side in this scheme operates as a proxy and non-trusted party to provide the security architecture with more exibility and reliability. This is achieved by using designated verifier proxy signature and key agreement protocol based bilinear pairing with some changes in both security algorithms and LTE security architecture within the LTE standardization. Our security and performance analysis demonstrated that the proposed scheme is more secure compared to the basic authentication and key agreements schemes.

YX Jiang,C Lin,MH Shi,XM Shen

DOI: https://doi.org/10.1109/glocom.2005.1577941

2005-01-01

Abstract:A novel authentication protocol for teleconference service is proposed. The main features of the proposed protocol include identity anonymity, one-time PID (pseudonym identity) renewal and location intractability. Identity anonymity is achieved by concealing the real identity of a mobile conferee in a prearranged pseudonym identity. One-time PID renewal mechanism, in which the mobile conferee's PID is frequently updated communicating with the network centre, is introduced to offer location intractability. It is shown that the security has been significantly enhanced, while the computation complexity is similar to the existing one appeared in the literature.

Qiong Pu,Jian Wang,Shuhua Wu

DOI: https://doi.org/10.1504/ijahuc.2013.052345

2013-01-01

International Journal of Ad Hoc and Ubiquitous Computing

Abstract:User privacy is a notable security issue in wireless communications support roaming. However, the mobile authentication schemes existing in the literature cannot achieve this goal in an efficient way. In this paper, we propose a novel lightweight authentication scheme with anonymity and unlinkability for roaming service in large-scale wireless networks. Moreover, we formally analyse our proposed scheme with the BAN-logic and show that it can withstand the several possible attacks.

Yao Cheng,Li Yue,Naixia Duan,Chenglong Li

DOI: https://doi.org/10.1155/2022/5426288

2022-03-09

Wireless Communications and Mobile Computing

Abstract:An anonymous roaming scheme of mobile Internet was discussed in this paper aiming to improve the traditional authentication protocol that cannot satisfy the demand of user’s identity authentication when the mobile terminal is roaming in mobile Internet. The authentication server of remote network will complete the identity legitimacy verification of mobile terminal with the help of the home network authentication server. A temporary identity is used to prevent user’s anonymity protection from being tracked and eavesdropped, as well as other attacks, which can improve the confidential of user’s identity and location considerably. This anonymous roaming scheme can achieve a high-level of safety efficiently. This will also satisfy the development of the network technology.

computer science, information systems,telecommunications,engineering, electrical & electronic

Guomin Yang,Duncan S. Wong,Xiaotie Deng

DOI: https://doi.org/10.3217/jucs-014-03-0441

2008-01-01

Abstract:In a secure roaming scenario, a user U travels to a foreign network and communicates with a foreign server V securely so that no one other than U and V can obtain the messages exchanged between them. U may also want to travel anonymously so that no one including V can find out its identity or trace its whereabouts except its home server H. There have been many key establishment protocols proposed for secure roaming. A typical application of these protocols is the mobile roaming service which may be deployed to interconnected WLAN and 3G networks. Despite the importance of these protocols, most of the protocols are analyzed heuristically. They are lack of formal security treatment. In this paper, we propose a formal key exchange definition and formalize secure roaming under the Canetti-Krawczyk (CK) model. We also propose a formal model for capturing the notions of user anonymity and untraceability. By using the modular approach supported by the CK-model, we construct an efficient key exchange protocol for roaming and then extend it to support user anonymity and untraceability. The protocols are efficient and each of them requires only four message flows among the three parties U, H and V. For building our protocols, we construct a one-pass counter based MT-authenticator and show its security under the assumption of a conventional MAC secure against chosen message attack.

Jian-bin Hu,Hu Xiong,Zhong Chen

2012-01-01

Abstract:Seamless roaming is highly desirable for wireless communications, and security such as authentication and privacy preserving of mobile users is challenging. Recently, Wu et al. and Wei et al. proposed two authentication schemes that guarantee user anonymity in wireless communications, respectively. However, Kang et al. pointed out some security flaws of Wu et al.’s and Wei et al.’s authentication schemes and showed how to overcome the problems regarding anonymity and the forged login messages. In this paper, we will show that Kang et al.’s improved scheme still did not provide user anonymity as they claimed and give a further improvement to fix the problem without losing any features of the original scheme.

Rongxing Lu,Xiaodong Lin,Haojin Zhu,Pin-Han Ho,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1109/tvt.2008.925304

IF: 6.8

2009-01-01

IEEE Transactions on Vehicular Technology

Abstract:Location privacy of mobile users (MUs) in wireless communication networks is very important. Ensuring location privacy for an MU is an effort to prevent any other party from learning the MU's current and past locations. In this paper, we propose a novel anonymous mutual authentication protocol with provable link-layer location privacy preservation. We first formulate the security model on the link-layer, forward-secure location privacy, which is characterized by the fact that even when an attacker corrupts an MU's current location privacy, the attacker should be kept from knowing how long the MU has stayed at the current location. Then, based on the newly devised keys with location and time awareness, a novel anonymous mutual authentication protocol between the MUs and the access point (AP) is proposed. To the best of our knowledge, this is the first developed anonymous mutual authentication scheme that can achieve provable link-layer, forward-secure location privacy. To improve efficiency, a Preset in Idle technique is exercised in the proposed scheme, which is further compared with a number of previously reported counterparts through extensive performance analysis.

Yu Zheng,Dake He,Xiaohu Tang,Hongxia Wang

DOI: https://doi.org/10.1109/ICICS.2005.1689196

2005-01-01

Abstract:Future 4G mobile communication networks are expected to provide all IP-based services for heterogeneous wireless access technologies. Security service for mobile user as a major challenge in developing such 4G networks becomes more complicated to handle. Since the mobile equipment (ME) becomes ever more powerful but still remain open to possible attacks, the neglect of the security of ME in developing traditional security scheme for mobile networks will remain many risks in the coming 4G systems. In this paper we associate trusted computing (TC) with PKI to provide a considerable robust platform for user's access to sensitive service and data in the scenario of 4G systems. Then over the trusted mobile platform (TMP) we present an hybrid AKA (authentication and key agreement) and authorization scheme, in which password is in combination with fingerprint as well as public key to achieve mutual authentication among user/ME/USIM (universal subscriber identity module) and that among user/AN (accessed network)/HE (home environment). Compared with other AKA for future mobile networks and 3G AKA, our scheme with well scalability and acceptable efficiency is more robust and secure to resist potential attacks on/from ME and attacks in heterogeneous network infrastructure