Security analysis and enhanced user authentication in proxy mobile IPv6 networks.

Dongwoo Kang,Dongho Won,Jaewook Jung,Hyoungshick Kim,Donghoon Lee

doi:10.1371/journal.pone.0181031

Dongwoo Kang, Dongho Won + Show 3 more

Open Access

PDF Available

https://doi.org/10.1371/journal.pone.0181031

Copy DOI

Export

Save

Cite

Journal: PLOS ONE	Publication Date: Jul 18, 2017
Citations: 8	License type: CC BY 4.0

Affiliation: Sungkyunkwan University

Abstract
Highlights/Summary
Full-Text PDF
Similar Papers

Abstract

Listen

The Proxy Mobile IPv6 (PMIPv6) is a network-based mobility management protocol that allows a Mobile Node(MN) connected to the PMIPv6 domain to move from one network to another without changing the assigned IPv6 address. The user authentication procedure in this protocol is not standardized, but many smartcard based authentication schemes have been proposed. Recently, Alizadeh et al. proposed an authentication scheme for the PMIPv6. However, it could allow an attacker to derive an encryption key that must be securely shared between MN and the Mobile Access Gate(MAG). As a result, outsider adversary can derive MN’s identity, password and session key. In this paper, we analyze Alizadeh et al.’s scheme regarding security and propose an enhanced authentication scheme that uses a dynamic identity to satisfy anonymity. Furthermore, we use BAN logic to show that our scheme can successfully generate and communicate with the inter-entity session key.

Highlights

IntroductionThe mobile-device market has grown rapidly, and with the increasing availability of wireless Internet access, various services including browsing, file-sharing, and shopping are becoming increasingly available regardless of the time and place
In recent years, the mobile-device market has grown rapidly, and with the increasing availability of wireless Internet access, various services including browsing, file-sharing, and shopping are becoming increasingly available regardless of the time and place
The Mobility Support in IPv6 (MIPv6) imposes a burden on the mobile terminal by increasing the resource usage, and this is due to the signaling between the mobile terminal and the access router and the implementation of a complicated standard specification in a mobile terminal with limited resources

Summary

Introduction

The mobile-device market has grown rapidly, and with the increasing availability of wireless Internet access, various services including browsing, file-sharing, and shopping are becoming increasingly available regardless of the time and place. A lot of research have been proposed on the authentication process between MN and Mobile Access Gate (MAG) [4]. SPAM has several vulnerabilities which is susceptible to impersonation attack and password guessing attack, ignore the MAG and LMA anonymity [11] To complement with these security drawbacks, Alizadeh et al proposed a new authentication scheme with revocation process in 2015 [12]. We introduce some preliminaries, including the structure of PMIPv6, the hash function based on both Alizadeh et al.’s and our proposed scheme. The MAG monitors the movement of the MN on the access link and transmits the MN’s mobile signaling message to the LMA instead of the MN, while the LMA acts as the HA for the MN in the PMIPv6 domain.

Collision Resistance

Conclusion