Improvement of user authentication protocol with anonymity for wireless communications
Keywords:
Authentication, Key agreement, mobile networks, security, smart card.Abstract
To design a mobile user authentication protocol with anonymity for the global mobile network is a challenge, since wireless network is more vulnerable to attacks and mobile terminals’ computational power is limited. In 2012, Li & Lee proposed a user authentication and privacy preserving scheme with smart card for wireless communications. In this paper, we improve the adversary model of this type of authentication scheme, and then demonstrate that Li & Lee’s scheme is vulnerable to off-line password guessing attack. To remedy this security weakness, an improved scheme is proposed, which is more efficient than Li & Lee’s scheme.
References
Chang, C. C., Lee, C. Y. Chiu, Y. C. 2009. Enhanced authentication scheme with anonymity for roaming service in global mobility networks. Computer Communications 32(4): 611-618.
Chen,C., He, D., Chan, S., Bu, J., Gao Y. Fan, R. 2011. Lightweight and provably secure user authentication with anonymity for the global mobility network. International Journal of Communication Systems 24(3):347-362.
He, D., Ma, M., Zhang, Y., Chen, C. Bu, J. 2011. A strong user authentication scheme with smart cards for wireless communications. Computer Communications 34(3):367-374.
Jiang, Q., Ma, J., Li, G. Yang, L. 2012. An enhanced authentication scheme with privacy preservation for roaming service in global mobility networks. Wireless Personal Communications. DOI 10.1007/s11277-012-0535-4.
Lee, C. C., Hwang, M. S. Liao, I. E. 2006. Security enhancementon a new authentication scheme with anonymityfor wireless environments. IEEE Trans. Ind. Electron 53(5): 1683-1687.
Lee, J. S. Chang, C. C. 2007. Secure communications for cluster-based adhoc networks using node identities.Journal of Network and Computer Applications. 30 (4): 1377-1396.
Li, C. T., Hwang, M. S. Chu Y. P. 2008. A secure and efficient communication scheme with authenticated key establishment and privacy preserving for vehicular ad hoc networks. Computer Communications 31(12): 2803-2814.
Li, C. T. Lee, C. C. 2012. A novel user authentication and privacy preserving scheme with smart cards for wireless communications. Mathematical and Computer Modelling 55(1-2):35-44.
Li, W., Wen, Q., Su, Q. Jin, Z. 2012. An efficient and secure mobile payment protocol for restricted connectivity scenarios in vehicular ad hoc network. Computer Communications 35(0):188-195.
Mun, H., Han, K., Lee, Y. S., Yeun, C. Y. Choi, H. H. 2012. Enhanced secure anonymous authentication scheme for roaming service in global mobility networks. Mathematical and Computer Modelling 55(1-2): 214-222.
Wang, D. Ma, C. 2012. Robust smart card based password authentication scheme against smart card loss problem. IACR Cryptology ePrint Archive 439-439.
Wang, Y. G. 2012. Password protected smart card and memory stick authentication against off-line dictionary attacks.In: Gritzalis, D., Furnell, S., M., T. (eds.). Springer Boston. SEC 2012, IFIP AICT, 376: 489-500.
Wu, C. C., Lee, W. B. Tsaur, W. J. 2008. A secure authentication scheme with anonymity for wireless communications. IEEE Communications Letters 12(10):722-723.
Xu, J., Zhou, W. T. Feng, D. G. 2011. An efficient mutual authentication and key agreement protocol preserving user anonymity in mobile networks. Computer Communications 34(3): 319-325.
Youn, T. Y., Park, Y. H. Li, M. J. 2009. Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks. IEEE Communications Letters 13(7): 1118-1123.
Zhu, J. Ma, J. 2004. A new authentication scheme with anonymity for wireless environments. IEEE Transactions on Consumer Electronics 50(1): 230-234.