Abstract
Handover authentication is a critical issue in wireless networks: it ensures that mobile nodes can roam across multiple access points securely and seamlessly. A variety of handover authentication schemes for wireless networks have been proposed in the literature. Unfortunately, existing handover authentication schemes are vulnerable to a few security attacks, or incur high communication and computation costs. Recently, He et al. proposed a handover authentication scheme, PairHand, and claimed that it can resist various attacks, but without rigorous security proofs. In this paper, we show that PairHand does not meet forward secrecy and strong anonymity. More seriously, it is vulnerable to a key compromise attack, in which an adversary can recover the private key of any mobile node. Then, we propose a new efficient and provably secure handover authentication scheme for wireless networks based on elliptic curve cryptography. Compared with existing schemes, our proposed scheme can resist the key compromise attack, and achieves forward secrecy and strong anonymity. Moreover, it is more efficient in terms of computation and communication.
Highlights
With the rapid development of wireless internet access techniques, more and more mobile services have appeared, which provide a more convenient life to people.
Key compromise security of mobile nodes (MNs): In the handover authentication phase, the access request sent by $MN_i$ to access point (AP) $AP_j$ is a signature generated by $MN_i$ with its signing private key on the message $msg_{i,j} = pid_{MN_i} \| id_{AP_j} \| ts$, which is used to prove to $AP_j$ that $MN_i$ is the holder of the private key corresponding to the pseudonym $pid_{MN_i}$.
A fast handover authentication scheme is essential to seamless services for delay-sensitive applications in wireless networks.
Summary
With the rapid development of wireless internet access techniques, more and more mobile services have appeared, which provide a more convenient life to people. As a promising seamless access control technology, handover authentication schemes have received much attention in recent years [4,5,6,7,8,9,10,11]. He et al. [4] proposed a smart-card based handover authentication scheme, which requires AP2 to contact the AS, who vouches for the MN's legitimacy, and there are four messages exchanged between an MN, AP1 and AP2 when an MN moves from AP1 into. This results in more computation and communication delay, especially if the AS is often located in a remote location. Later, He et al. [5] proposed a privacy-preserving handover authentication scheme in which AP2 does not communicate with the AS, but there are still three message exchanges between the MN and AP2 for mutual authentication and key establishment.