Abstract
User authentication scheme is an important issue for providing secure roaming service to users of mobile devices. In 2008, Wu, Lee and Tsaur proposed an enhanced anonymous authentication for roaming environment. In this paper, we show weaknesses of Wu–Lee–Tsaur’s schemes such as failing to achieve anonymity and perfect forward secrecy, and disclosing of legitimate user’s password. Therefore, we propose a new enhanced scheme that uses Elliptic Curve Diffie–Hellman (ECDH) to overcome these weaknesses and improve performance. We also demonstrate that our scheme not only overcomes these weaknesses but also provides mutual authentication and resistance to a man-in-the-middle attack. Compared with previous schemes that use public key cryptosystem with certificates, our scheme is more efficient. Moreover, our scheme does not use timestamps, so it is not required to synchronize the time.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call