A secure and privacy-preserving lightweight authentication protocol for wireless communications

Abstract

ABSTRACTIn wireless networks, seamless roaming allows a mobile user (MU) to utilize its services through a foreign server (FS) when outside his home server (HS). However, security and efficiency of the authentication protocol as well as privacy of MUs are of great concern to achieve an efficient authentication protocol. Conventionally, authentication involves the participation of three entities (MU, HS, and FS); however, involving an HS in the authentication process incurs heavy computational burden on it due to huge amount of roaming requests. Moreover, wireless networks are often susceptible to various forms of passive and active attacks. Similarly, mobile devices have low processing, communication, and power capabilities.In this paper, we propose an efficient, secure, and privacy-preserving lightweight authentication protocol for roaming MUs in wireless networks without engaging an HS. The proposed authentication protocol uses unlinkable pseudo-IDs and lightweight time-bound group signature to provide strong user anonymity, and a cost-effective cryptographic scheme to achieve security of the authentication protocol. Similarly, we implement a better billing system for MUs and a computationally efficient revocation scheme. Our analysis shows that the protocol has better performance than other related authentication protocols in wireless communications in terms of security, privacy, and efficiency.