Provably secure anonymous authentication with batch verification for mobile roaming services

Abstract

Recently, multiple secure authentication schemes with user anonymity feature for mobile roaming services have been proposed to address general user privacy concern from mobile device users. As mobile devices usually have limited computing resources, it is difficult to develop an anonymous authentication scheme which possesses performance efficiency and security robustness at the same time. In this paper, a new anonymous authentication scheme for mobile roaming services is proposed to support fast authentication and preserve security strength and user privacy. The proposed authentication mechanism adopts identity-based encryption scheme and identity-based batch signature scheme to further reduce the total computation cost during one authentication session in comparison with existing authentication schemes. In addition, our scheme eliminates the requirement of storing a lot of pseudo-identities in user's SIM card and supports batch verification feature at the server side to further enhance authentication efficiency. User revocation mechanism is also developed in the proposed scheme for occasions when it is necessary for a home server to revoke individual users. To evaluate security strength of the proposed scheme, the scheme has conducted security analysis through formal proof under Jakobsson et al.’s security model. In comparison with existing authentication schemes, our scheme provides faster authentication along with lower storage consumption in user's SIM card. Hence, the proposed scheme is a very competitive candidate on secure anonymous authentication for mobile roaming services.