Abstract

The design and implementation of two-factor schemes for roaming mobile users in global mobility networks in smart cities requires attention to protecting the scheme from various security attacks, such as the replay attack, impersonation attack, man-in-the-middle attack, password-guessing attack and stolen-smart-card attack. In addition to resisting these attacks, the scheme should achieve user anonymity, unlinkability and perfect forward secrecy. In the roaming scenario, as mobile users are connected to the foreign network, they must provide authentication details to the foreign network to which they are connected. The foreign network forwards the authentication messages received from the mobile users to their home network. The home network validates the authenticity of the mobile user. In the roaming scenario, all communication between the three entities is carried over an insecure channel. It is assumed that the adversary has the capability to intercept the messages transmitted over an insecure channel. Hence, the authentication scheme must be able to resist the above-mentioned security attacks and achieve the security goals. Our proposed scheme ES-HAS (elliptic curve-based secure handover authentication scheme) is a two-factor authentication scheme, in which the mobile user possesses the password and the smart card, that resists the above-mentioned security attacks. It also achieves the above-mentioned security goals. We also extended our two-factor authentication to a multi-factor authentication scheme using the fingerprint biometric technique. The formal security analysis using BAN logic and the formal security verification of the proposed scheme using the widely accepted AVISPA (automated validation of internet security protocols and applications) tool are presented in this article. In comparison with the related schemes, the proposed scheme is more efficient and robust. This makes the proposed scheme suitable for practical implementation.

Highlights

  • The proposed ES-HAS scheme is resilient to security attacks, such as mobile user (MU)

  • The shared secret key is computed using elliptic curve cryptography, and this secret key is exchanged between the two communicating entities, foreign network (FN) and home network (HN), during communication to authenticate each other

  • The ES-HAS scheme is simulated using the AVISPA tool to formally verify whether the proposed scheme is secure against replay and man-in-the-middle attacks


Summary

Introduction

Cryptography 2021, 5, 35

Authenticating MU in the roaming network is an important security issue. multi-factor authentication schemes in GLOMONET. The first is the registration phase, which is carried over a secure channel; the second is the login and the authentication phase; and the third is the password change phase. MU registers to HN to get access to the HN services, whereas the login and authentication phase is carried over an insecure channel and messages transmitted during these phases are vulnerable to security attacks. In order to secure the messages, symmetric key cryptosystem algorithms are used. Another important security property that should be addressed in GLOMONET is the user anonymity. The protection of the user’s information is an important task for the researchers.

Multi-Factor Authentication Schemes in GLOMONET
Security and Function Requirements
Motivation
Contributions of Our Research Work
Organization of the Paper
Literature Survey
Basics of Elliptic Curve Cryptography
Scalar Multiplication
One-Way Hash Function
Pseudo-Random Number Generators
Properties of Pseudo-Random Function
Fuzzy Extractors
System Model
Adversary Model
Proposed Scheme
Initialization Phase
Registration Phase
Login Phase
Authentication Phase
Session Key Update Phase
Password Change Phase
Security against User Anonymity
Security against Stolen Smart Card Attack
Security against Offline Password-Guessing Attack
Security against Replay Attack
Perfect Forward Secrecy
Security against Impersonation Attack
Man-in-the-Middle Attack
Local Password Verification
Security against User Untraceability
Overview of AVISPA
HLPSL Implementation
Performance Analysis and Comparison
Conclusions