Roaming Authentication Scheme Research Articles

A Distributed Authentication Scheme Based on Smart Contract for Roaming Service in Mobile Vehicular Networks

Secure and real-time communication is an essential condition in mobile vehicular networks, and this requires secure authentication and seamless access enabled by roaming services. As a security inspector, roaming authentication ensures that legitimate users can access the network securely. However, today’s roaming authentication protocols authenticate users with the help of centralized authentication servers, leading to the risk of the single point of failure and roaming fraud. The massive device access in 5G networks further exacerbates the losses when problems occur. In light of it, we propose a decentralized fraud-proof roaming authentication framework based on blockchain. We leverage smart contracts to implement a roaming authentication protocol, including user/AP registration, authentication, and revocation. For higher efficiency, we utilize the Bloom filter for the revocation process. In addition, we design an unforgeable and undeniable billing scheme based on hash chain technology. Security and performance analysis show that the proposed roaming authentication scheme can provide the required security features while incurring an acceptable authentication delay.

A provably secure ECC-based roaming authentication scheme for global mobility networks

The advent of Internet of Things have paved the way for providing smart services for mobile users in the smart city. Due to the rapid movement of users and their fast information exchange, the global mobility network (GLOMONET) is a proper candidate to be used as the communication platform to provide roaming services. However, privacy and security preservation of mobile users becomes an important issue due to the open and public nature of communication channels. To address this issue, many roaming authentication schemes have been recently proposed. In this article, we first review the work presented by Ghahramani et al., and demonstrate its weaknesses. We then propose a provably secure and efficient authentication and key agreement scheme for roaming users in GLOMONETs in the smart city. To evaluate the performance of the proposed scheme, we first perform a comprehensive descriptive discussion on security preservation and utilise the widely accepted Scyther tool. We then consider the computational complexity and communication overhead of the proposed scheme, and compare it with the recent related work. The results demonstrate the outperformance of the proposed scheme in terms of very low computation and communication overhead as well as resistance against well-known security attacks.

A Lattice-Based Authentication Scheme for Roaming Service in Ubiquitous Networks with Anonymity

In the ubiquitous networks, mobile nodes can obtain roaming service that enables them to get access to the services extended by their home networks in the field of foreign network. To provide secure and anonymous communication for legal mobile users in roaming services, there should be a mutual authentication between mobile user and foreign agent with the help of home agent. There are many roaming authentication schemes which have been proposed; however, with the progress of quantum computation, quantum attack poses security threats to many traditional public key cryptography-based authentication schemes; thus, antiquantum attack roaming authentication schemes need to be investigated. On account of the limitation of computational resources for mobile nodes, a lightweight anonymous and antiquantum authentication schemes need to be developed to enable mobile nodes to roam across multiple service domains securely and seamlessly. In consideration of the advantages of lattice in antiquantum, an NTRU-based authentication scheme with provable security and conditional privacy preservation is proposed to remedy these security weaknesses. Compared with the existing scheme, the proposed scheme not only improves efficiency but also can resist the quantum attack.

A Privacy Preserving Authentication Scheme for Roaming in IoT-Based Wireless Mobile Networks

The roaming service enables a remote user to get desired services, while roaming in a foreign network through the help of his home network. The authentication is a pre-requisite for secure communication between a foreign network and the roaming user, which enables the user to share a secret key with foreign network for subsequent private communication of data. Sharing a secret key is a tedious task due to underneath open and insecure channel. Recently, a number of such schemes have been proposed to provide authentication between roaming user and the foreign networks. Very recently, Lu et al. claimed that the seminal Gopi-Hwang scheme fails to resist a session-specific temporary information leakage attack. Lu et al. then proposed an improved scheme based on Elliptic Curve Cryptography (ECC) for roaming user. However, contrary to their claim, the paper provides an in-depth cryptanalysis of Lu et al.’s scheme to show the weaknesses of their scheme against Stolen Verifier and Traceability attacks. Moreover, the analysis also affirms that the scheme of Lu et al. entails incorrect login and authentication phases and is prone to scalability issues. An improved scheme is then proposed. The scheme not only overcomes the weaknesses Lu et al.’s scheme but also incurs low computation time. The security of the scheme is analyzed through formal and informal methods; moreover, the automated tool ProVerif also verifies the security features claimed by the proposed scheme.

Cryptanalysis and improvement of authentication scheme for roaming service in ubiquitous network

The paper analyzes a recently proposed secure authentication and key agreement scheme for roaming service in a ubiquitous network. In 2018, Lee et al. proposed a biometric-based anonymous authentication scheme for roaming in ubiquitous networks. But, we found that Lee et al. scheme is prone to the off-line dictionary attack when a user’s smart device is stolen, replay attack due to static variables and de-synchronization attack when an adversary blocks a message causing failure of authentication mechanism. Further, the scheme lacks no key control property and has incorrect XOR calculation. In the sequel, we presented an improved biometric based scheme to remove the weaknesses in Lee et al.’s scheme, which also does not require an update of identity in every session, hence preventing de-synchronization attack. Also, the security of the proposed schemes were analyzed in a widely accepted random oracle model. Further, computational and communication cost comparisons indicate that our improved scheme is more suitable for ubiquitous networks.

Security enhancement of an anonymous roaming authentication scheme with two-factor security in smart city

Due to the popularization and application of mobile phones and the Fifth Generation (5G) communication technology in the smart city, it's easy for people to use the internet service at anytime and anywhere. While providing convenience, mobile networks face a series of challenges in security and privacy protection due to the ability of the terminal. Recently, Xiong et al. designed an anonymous authentication scheme based on elliptic curve cryptography (ECC) for roaming in smart city. However, we show that their scheme lacks of two-factor security, and suffers from impersonation attack. To fix these problems, an improved roaming authentication protocol with two-factor security is proposed, which is security by using applied pi calculus based formal validation tool ProVerif, and it has high computational efficiency by comparison with some related schemes.

AnFRA: Anonymous and Fast Roaming Authentication for Space Information Network

Nowadays, the Space Information Network (SIN) has been widely used in real life because of its advantages of communicating anywhere at any time. This feature is leading to a new trend that traditional wireless users are willing to roam to SIN to obtain a better service. However, the features of exposed links and higher signal latency in SIN make it difficult to design a secure and fast roaming authentication scheme for this new trend. Although some existing researches have been focused on designing secure authentication protocols for SIN or providing roaming authentication protocols for traditional wireless networks, these schemes cannot provide adequate requirements for the roaming communication in SIN and bring in critical issues, such as the privacy leakage or intolerable authentication delay. Observing these problems have not been well addressed, we design an anonymous and fast roaming authentication scheme for SIN. In our scheme, we utilize the group signature to provide the anonymity for roaming users, and assume that the satellites have limited computing capacity and make them have the defined authentication function to avoid the real-time involvement of the home network control center when authenticating the roaming users. The results of security and performance analysis show that the proposed scheme can provide the required security features, while providing a small authentication delay.

An improved anonymous authentication scheme for roaming in ubiquitous networks.

With the evolution of communication technology and the exponential increase of mobile devices, the ubiquitous networking allows people to use our data and computing resources anytime and everywhere. However, numerous security concerns and complicated requirements arise as these ubiquitous networks are deployed throughout people’s lives. To meet the challenge, the user authentication schemes in ubiquitous networks should ensure the essential security properties for the preservation of the privacy with low computational cost. In 2017, Chaudhry et al. proposed a password-based authentication scheme for the roaming in ubiquitous networks to enhance the security. Unfortunately, we found that their scheme remains insecure in its protection of the user privacy. In this paper, we prove that Chaudhry et al.’s scheme is vulnerable to the stolen-mobile device and user impersonation attacks, and its drawbacks comprise the absence of the incorrect login-input detection, the incorrectness of the password change phase, and the absence of the revocation provision. Moreover, we suggest a possible way to fix the security flaw in Chaudhry et al’s scheme by using the biometric-based authentication for which the bio-hash is applied in the implementation of a three-factor authentication. We prove the security of the proposed scheme with the random oracle model and formally verify its security properties using a tool named ProVerif, and analyze it in terms of the computational and communication cost. The analysis result shows that the proposed scheme is suitable for resource-constrained ubiquitous environments.

RETRACTED ARTICLE: Research on the access control protocol Priccess design of network privacy protection

To provide a more reliable security for the network privacy, the access control protocol Priccess design of network privacy protection was studied. First of all, this paper presented the problems in wireless network security, and points out the key technologies, including privacy protection, user authentication, trust management, network security communication architecture and other technologies. Then, it made a brief analysis of the composition of the Priccess protocol, a wireless communication network in the roaming authentication scheme and wireless sensor network privacy data protection scheme. Furthermore, the roaming authentication scheme and wireless sensor networks data privacy protection in a wireless communication network was established. Finally, the results of the evaluation of the message load of Priccess protocol proved it was efficient for most of the user access devices, which could provide more efficient protection for the privacy of the network communication.

Chaotic Maps-Based Strong Anonymous Authentication Scheme for Roaming Services in Global Mobility Networks

Traditional smart card and password based two-factor authentication schemes for roaming services in global mobility networks are based on public key or symmetric key cryptographic primitives. With the advancement of chaos-based cryptography, it has become an interesting topic to investigate if it can be used as an alternative tool for building mobile roaming authentication schemes that achieve higher efficiency and security. In this paper, we answer this question affirmatively by proposing a chaotic maps-based authentication scheme for roaming. The scheme supports authentication, security and strong anonymity using the applied pi calculus-based formal verification tool ProVerif. Besides, it applies the efficient Chebyshev polynomial computation for better performance.

A privacy preserving authentication scheme for roaming in ubiquitous networks

Ubiquitous networks enable mobile users to communicate with each other efficiently and independently without the need of inventing agent. This approach is proved to be delay and spectral efficient. Due to the nature of underlying Big data, such networks are prone to several security and privacy challenges. Because such gigantic data is not only difficult to store, maintain and manipulate but Big data’s open architecture makes the security threats inevitable. Therefore, incorporating authentication between mobile node and foreign network during roaming in ubiquitous networks has become a tedious task. Very recently, Farash et al. found a number of weaknesses in the schemes proposed by Wen et al. and Shin et al. Furthermore, Farash et al. proposed an enhanced scheme for roaming user in ubiquitous network. However, after thorough investigation, we show fragilities of Farash et al.’s scheme against (1) mobile user anonymity violation; (2) disclosure of secret parameter of mobile node; (3) session key disclosure; and (4) mobile node impersonation attacks. Therefore, we propose an improved scheme to fix these fragilities. We analyze the security of proposed scheme using popular automated verification tool ProVerif. The analysis confirms that the proposed scheme resists the known attacks while having quite low overhead as compared with Farash et al.’s scheme. Therefore, in order to get better performance proposed scheme is a suitable candidate to be employed along with supercomputing systems for dealing the security challenges of big data in ubiquitous networks.

A Privacy-Preserving Roaming Authentication Scheme for Ubiquitous Networks

A privacy-preserving roaming authentication scheme (PPRAS) for ubiquitous networks is proposed, in which a remote mobile user can obtain the service offered by a foreign agent after being authenticated. In order to protect the mobile user’s privacy, the user presents an anonymous identity to the foreign agent with the assistance of his or her home agent to complete the authentication. After that, the user and the foreign agent can establish a session key using the semi-group property of Chebyshev polynomial. In this way, huge burden of key management is avoided. Furthermore, the user can update the login password and the session key between itself and the foreign agent if necessary. The correctness is proved using BAN logic, and the performance comparison against the existing schemes is given as well.

A lightweight anonymous authentication scheme for consumer roaming in ubiquitous networks with provable security

SummaryUbiquitous networks provide roaming service for mobile nodes enabling them to use the services extended by their home networks in a foreign network. A mutual authentication scheme between the roamed mobile node and the foreign network is needed to be performed through the home network. Various authentication schemes have been developed for such networks, but most of them failed to achieve security in parallel to computational efficiency. Recently, Shin et al. and Wen et al. separately proposed two efficient authentication schemes for roaming service in ubiquitous networks. Both argued their schemes to satisfy all the security requirements for such systems. However, in this paper, we show that Shin et al.'s scheme is susceptible to: (i) user traceability; (ii) user impersonation; (iii) service provider impersonation attacks; and (iv) session key disclosure. Furthermore, we show that Wen et al.'s scheme is also insecure against: (i) session key disclosure; and (ii) known session key attacks. To conquer the security problems, we propose an improved authentication scheme with anonymity for consumer roaming in ubiquitous networks. The proposed scheme not only improved the security but also retained a lower computational cost as compared with existing schemes. We prove the security of proposed scheme in random oracle model. Copyright © 2015 John Wiley & Sons, Ltd.

Privacy-Preserving Mobile Roaming Authentication with Security Proof in Global Mobility Networks

Mobile roaming authentication scheme achieves the mutual authentication and session key establishment between the mobile user and the foreign agent. In 2013, Xie et al. pointed out that Chen et al.'s scheme is vulnerable to offline password attack, and does not achieve fair session key generation, user untraceability, user friendliness, and perfect forward secrecy, and then they proposed an improved scheme. In this paper, we propose an improvement of Xie et al.'s scheme, since the foreign agent may confuse the mobile users when multiple mobile users simultaneously access the foreign agent in Xie et al.'s scheme. Further, we prove the formal security of the proposed scheme, and present the performance comparison between our scheme and some related schemes. The proposed scheme is more efficient and secure than other related schemes and is suitable for using in the global mobility network.

An efficient and secure anonymous mobility network authentication scheme

The demands of Internet users are steadily increasing. Many users access Internet services through mobile devices via wireless networks. To prevent disclosure of private data, researchers have proposed various anonymous roaming authentication schemes which apply different technologies to provide integral security properties, such as symmetric and asymmetric encryption, digital signature, timestamp, etc. Unfortunately, some of these schemes still exhibit security and efficiency issues. In order to provide tripartite authentication and enhance efficiency, we propose an efficient and secure anonymous authentication scheme for mobility networks. According to our performance and security analysis, we can prove that our proposed scheme is able to enhance efficiency and improve security in comparison to previous schemes.

An Anonymous Roaming Payment System with Low Communication Cost by Using Group Signatures

 Abstract—Mobile devices (e.g., PDAs, smart phones and notebooks) currently have become the trend for personal use and are equipped with the capability of wireless communications. To authenticate the mobile user who transfers to the foreign area, the roaming authentication protocol is needed and usually requested for low costs to meet the requirements of lightweight communication devices. With the development of powerful functionalities on the mobile devices, the roaming payment service seems to be practical and with high commercial value. This paper proposes an efficient roaming payment protocol with low communication costs by using group signatures, inspired by the roaming authentication schemes proposed by Yang et al. and He et al. The major contribution of this paper is to integrate the PayWord-based micropayment scheme and the group signature scheme to enhance the effectiveness of the anonymous signatures and extend the fast authentication in roaming to perform lightweight payments by using hash chains. Index Terms—Mobile payment, secure wireless communication, group signature, roaming authentication.

An Improved Hand-off Algorithm Based on Roaming Authentication Scheme

An Improved Hand-off Algorithm Based on Roaming Authentication Scheme