Abstract

An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.'s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.'s scheme can be addressed without degrading the efficiency of the scheme.

Highlights

  • As wireless network and communication technologies advance, there has been a dramatic increase in the use of lightweight computing devices, such as sensors, smart phones, and tablet PCs, in our daily lives

  • Authentication and key establishment between the mobile user and the foreign agent should be achieved with the assistance of the home agent to prevent illegal use of the network and to protect their subsequent communications

  • Combining the above modifications together yields an improved authentication scheme described in Algorithm 2. Our scheme improves He et al.’s scheme in various aspects: (1) it enjoys the anonymity of the mobile user MU against any parties other than the home agent HA, including the foreign agent FA; (2) it withstands offline dictionary attacks even when the information in the smart card is disclosed; (3) it protects the security of session keys against man-in-the-middle attacks


Summary

Introduction

As wireless network and communication technologies advance, there has been a dramatic increase in the use of lightweight computing devices, such as sensors, smart phones, and tablet PCs, in our daily lives.

(Note, here, that the timestamp T3 (received from HA) is used in generating the ciphertext CFM since MU will need it to check the validity of σ.) FA sends the message M4 = ⟨IDFA, T3, B, CFM⟩ to MU and computes the session key sk = H(KFM + 1).

He et al.’s scheme does not provide user anonymity against the foreign agent FA. This weakness is straightforward to see, as the identity of MU, IDMU, is given to FA via the ciphertext CHF (see Step 4 of the login and key agreement phase of the scheme).

Weakness 2 is due to the fact that EIDMU is computed using the bitwise XOR operation, whereas the multiplicative subgroup of Z∗p is not closed under the XOR operation. This design flaw allows an adversary to find out the password pwMU by mounting an offline dictionary attack if the subgroup is much smaller than Z∗p.

Man-in-the-middle attacks similar to the attack above have been presented against various key exchange protocols; see, for example, [20, 21].
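The closure argument behind Weakness 2 can be checked numerically. The Python sketch below is an added example, not code from the paper: the toy parameters p = 607, q = 101 and the `mask` function are assumptions chosen for illustration and do not reproduce He et al.'s formula for EIDMU. It shows that XOR-ing a subgroup element with a wrong password-derived value usually leaves the subgroup, so a membership test is enough to discard most wrong guesses.

```python
import hashlib

# Toy parameters (constructed for illustration): P = 6*Q + 1, so the
# order-Q subgroup is much smaller than Z_P^*.
P, Q = 607, 101


def in_subgroup(x):
    """Membership test for the order-Q multiplicative subgroup of Z_P^*."""
    return 0 < x < P and pow(x, Q, P) == 1


def subgroup():
    """All elements of the order-Q subgroup, in increasing order."""
    return [x for x in range(1, P) if in_subgroup(x)]


def xor_closure_rate():
    """Fraction of subgroup pairs (a, b) whose XOR is again in the subgroup.

    The subgroup is closed under multiplication mod P, but XOR has no
    reason to respect that structure, so the rate is far below 1.
    """
    G = subgroup()
    hits = sum(in_subgroup(a ^ b) for a in G for b in G)
    return hits / len(G) ** 2


def mask(pw):
    """Hypothetical 10-bit password-derived mask (assumption, not the paper's)."""
    digest = hashlib.sha256(pw.encode()).digest()
    return int.from_bytes(digest[:2], "big") % 1024


def surviving_guesses(masked, dictionary):
    """Guesses whose unmasked value passes the subgroup test.

    The correct password always survives; a wrong guess survives only by
    chance, roughly with the fraction of values that lie in the subgroup.
    """
    return [pw for pw in dictionary if in_subgroup(masked ^ mask(pw))]


if __name__ == "__main__":
    words = [f"guess{i}" for i in range(200)]   # constructed dictionary
    element = subgroup()[5]                      # constructed subgroup element
    masked = element ^ mask("guess42")           # value masked with the true password
    left = surviving_guesses(masked, words)
    print(f"XOR closure rate: {xor_closure_rate():.3f}")
    print(f"{len(left)} of {len(words)} guesses survive the membership test")
```

The smaller the subgroup is relative to Z∗p, the fewer wrong guesses survive each test, which is why the page ties the weakness to the subgroup being much smaller than Z∗p.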

Our Improved Scheme
Concluding Remarks