A Secure Authentication Scheme with User Anonymity for Roaming Service in Global Mobility Networks

Abstract

In global mobility networks, user authentication is an essential security mechanism that permits mobile users to use the roaming services offered by foreign agents with the support of home agent in mobile network environment. Recently, Rhee et al. analyzed Wu et al. and Wei et al. authentication scheme, and proposed a smart card based user authentication scheme with user anonymity in global mobility networks. However, in this paper, we find that Rhee et al. scheme is vulnerable to user impersonation attacks and off-line password guessing attacks. Moreover, the scheme does not preserve user anonymity; does not provide perfect forward secrecy, and an option to change/update the password; and does not detect wrong password quickly. Hence we propose a secure authentication scheme with user anonymity for roaming service in global mobility networks. Furthermore, performance analysis shows that compared with existing authentication schemes, our proposed scheme is simple and secure.