Abstract
Roaming is when the mobile user goes out of his/her home agent network coverage and loses its signal. Loss of coverage and signals may be limited to a remote area or may occur when mobile user leaves the country and moves to a country where his/her mobile carrier network is not available. In this case, the mobile device is in roaming mode. In this mode, mobile user through connection to a Foreign Agent can still use its home agent services if his/her authentication be successful. In such situations, the authentication mechanism plays a key and important role, where the mobile user often needs to integrate and secure roaming service over multiple foreign agents. Designing a secure mechanism in Global Mobility Network (GLOMONET) is a difficult and complex task due to the computational and processing limitations of most mobile devices, as well as the wireless nature of communication environment. Unfortunately, most of the authentication schemes that have been proposed so far to meet this goal have failed to achieve their goal. In this line, Shashidhara et al. recently reported security vulnerabilities of Xu et al.'s mobile authentication scheme, and also presented an amended version of it. This paper shows that this proposed scheme has security flaws against impersonation, traceability, forward secrecy contradiction, and stolen smart card attacks, which implies that this protocol may not be a proper choice to be used on GLOMONET. On the other hand, we propose AMAPG, as a cost-efficient remedy version of the protocol which provides desired security against various attacks and also prove its security using BAN logic. We also evaluate AMAPG's security using Scyther as a widely used formal tool to evaluate the security correctness of the cryptographic protocols.
Highlights
Wireless communication is the transmission of information without a wire interface by electromagnetic waves
The mobility service means that the mobile user i.e. Mobile users (M U) can still use the wireless service when traveling to another country that is provided through roaming
AM, IDH, V1, NM, V4 and IDF . 2) Steal the mobile user M U ’s smart card and getting the values stored in it i.e. {SP, P V, RN, KMU, h(.)}. 3) Using stolen SP and RN from M U ’s smart card and guessing M U ’s password i.e. P SWM, the adversary computes HID = SP ⊕ h(P SWM RN ). 4) Using stolen KMU from M U ’s smart card and retrieved HID from Step 3, the adversary computes V4 = h(HID IDF KMU ) and if V4 equals with eavesdropped V4, means that the retrieved HID is the same as the original HID, otherwise, it returns to Step 3
Summary
Wireless communication is the transmission of information without a wire interface by electromagnetic waves. Whether or not authentication protocols for employing in Global Mobility Network (GLOMONET) are based on smart cards must have the following properties:. Anonymity and untraceability of the mobile user i.e. M U must be addressed even if his/her smart card is stolen (in smart card based authentication protocols). It was not long before that Shashidhara et al [1] showed that Xu et al.’s protocol is not able to verify the local password and suffers from the problem of clock synchronization. To address these issues, they developed a secure protocol for mobile networks. We have modified Shashidhara et al.’s protocol so that it can be protected against all attacks, especially the ones presented in this paper
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
