nach oben

Erschienen in:

19.05.2017

A Secure Anonymity Preserving Authentication Scheme for Roaming Service in Global Mobility Networks

verfasst von: Vanga Odelu, Soumya Banerjee, Ashok Kumar Das, Samiran Chattopadhyay, Saru Kumari, Xiong Li, Adrijit Goswami

Erschienen in: Wireless Personal Communications | Ausgabe 2/2017

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

In real-life applications, ensuring secure transmission of data over public network channels to prevent malicious eavesdropping of the data is an important issue. Several potential security risks arise while protecting data and providing access control over the data. Due to the broadcast nature of the wireless channels, wireless networks are often vulnerable to various possible known attacks. Therefore, designing a secure and efficient authentication scheme in the global mobility network (GLOMONET) environment becomes a challenging task to the researchers. In recent years, several user authentication schemes for roaming services in GLOMONET have been proposed. However, most of them are either vulnerable to various known attacks or they are inefficient. Most recently, Zhao et al. proposed an anonymous authentication scheme for roaming service in GLOMONET (Zhao et al. in Wireless Personal Communications 78:247–269, 2014) and they claimed that their scheme can withstand all possible known attacks. In this paper, Zhao et al.’s scheme is revisited, and it is shown that their scheme fails to provide strong user anonymity when the session-specific temporary information are revealed to an adversary. Further, their scheme does not protect replay attack, offline password guessing attack and privileged-insider attack. In addition, there is no provision for revocation and re-registration mechanism in their scheme and also there exists design flaw in their schemeu. Moreover, another recently proposed Memon et al.’s scheme (Memon et al. in Wireless Personal Communications 84:1487–1508, 2015) fails to protect the privileged-insider attack. Thus, there is a great need to provide security enhancement of their schemes in order to apply in practical applications. The proposed scheme withstands the security weaknesses found in Zhao et al.’s scheme and Memon et al.’s scheme. Through the rigorous formal and informal security analysis, it is shown that the proposed scheme has the ability to tolerate various known attacks. In addition, the proposed scheme is simulated using the most-widely accepted and used Automated Validation of Internet Security Protocols and Applications tool and the simulation results reveal that the proposed scheme is secure. The proposed scheme is also efficient in computation and communication as compared to Zhao et al.’s scheme and other related schemes.

Vorheriger Artikel A Novel TDOA-Based Localization Algorithm Using Asynchronous Base Stations

Nächster Artikel Gain Enhancement of Microstrip Patch Antenna Loaded with Split Ring Resonator Based Relative Permeability Near Zero as Superstrate

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Advanced Encryption Standard, U.S. Department of Commerce, November 2001. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf. Accessed Nov 2010.

AVISPA. Automated Validation of Internet Security Protocols and Applications. http://www.avispa-project.org/. Accessed Aug 2015.

AVISPA. AVISPA Web Tool. http://www.avispa-project.org/web-interface/expert.php/. Accessed Aug 2015.

Bellare, M., Boldyreva, A., & Micali, S. (2000). Public-key encryption in a multi-user setting: Security proofs and improvements. In Advances in cryptology—EUROCRYPT 2000 (pp. 259–274). Springer.

Bellare, M., Canetti, R., & Krawczyk, H. (1998). A modular approach to the design and analysis of authentication and key exchange protocols. In Proceedings of the Thirtieth Annual ACM Symposium on Theory of Computing (STOC) (pp. 419–428). Dallas: ACM.

Burrows, M., Abadi, M., & Needham, R. (1990). A logic of authentication. ACM Transactions on Computer Systems, 8(1), 18–36.CrossRefMATH

Canetti, R., & Krawczyk, H. (2001). Analysis of key-exchange protocols and their use for building secure channels. In Advances in cryptology—EUROCRYPT 2001 (pp. 453–474). Innsbruck: Springer.

Chang, C., Lee, C., & Chiu, Y. (2009). Enhanced authentication scheme with anonymity for roaming service in global networks. Computer Communications, 34(4), 611–618.CrossRef

Das, A. K. (2011). Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards. IET Information Security, 5(3), 145–151.CrossRef

10.

Das, A. K. (2013). A secure and effective user authentication and privacy preserving protocol with smart cards for wireless communications. Networking Science, 2(1–2), 12–27.CrossRef

11.

Das, A. K. (2016). A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-to-Peer Networking and Applications, 9(1), 223–244.

12.

Das, A. K., & Goswami, A. (2013). A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. Journal of Medical Systems, 37(3), 9948.CrossRef

13.

Das, A. K., Paul, N. R., & Tripathy, L. (2012). Cryptanalysis and improvement of an access control in user hierarchy based on elliptic curve cryptosystem. Information Sciences, 209, 80–92.MathSciNetCrossRefMATH

14.

Das, A. K. (2015). A secure and efficient user anonymity-preserving three-factor authentication protocol for large-scale distributed wireless sensor networks. Wireless Personal Communications, 82(3), 1377–1404.CrossRef

15.

Dolev, D., & Yao, A. C. (1983). On the security of public key protocols. IEEE Transactions on Information Theory, 29(2), 198–208.MathSciNetCrossRefMATH

16.

Dutta, R., & Barua, R. (2008). Provably secure constant round contributory group key agreement in dynamic setting. IEEE Transactions on Information Theory, 54(5), 2007–2025.MathSciNetCrossRefMATH

17.

Gope, P., & Hwang, T. (2015). Enhanced secure mutual authentication, and key agreement scheme preserving user anonymity in global mobile networks. Wireless Personal Communications, 82(4), 2231–2245.CrossRef

18.

Gope, P., & Hwang, T. (2016). Lightweight and energy-efficient mutual authentication and key agreement scheme with user anonymity for secure communication in global mobility networks. IEEE Systems Journal, 10(4), 1370–1379.CrossRef

19.

He, D., Ma, M., Zhang, Y., Chen, C., & Bu, J. (2011). A strong user authentication scheme with smart cards for wireless communications. Computer Communications, 34(3), 367–374.CrossRef

20.

He, D., Zhang, Y., & Chen, J. (2014). Cryptanalysis and improvement of an anonymous authentication protocol for wireless access networks. Wireless Personal Communications, 74(2), 229–243.CrossRef

21.

Jiang, Q., Ma, J., Li, G., & Yang, L. (2013). An enhanced authentication scheme with privacy preservation for roaming services in global mobility networks. Wireless Personal Communications, 68(4), 1477–1491.CrossRef

22.

Kocher, P., Jaffe, J., & Jun, B. (1999). Differential power analysis. In Advances in cryptology—CRYPTO’99 (pp. 388–397). California: Springer.

23.

Lee, C., Hwang, M., & Liao, I. (2006). Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE Transactions on Industrial Electronics, 53(5), 1683–1686.CrossRef

24.

Li, C. T., & Lee, C. (2012). A novel user authentication and privacy preserving scheme with smart cards for wireless communications. Mathematical and Computer Modelling, 55(1–2), 35–44.MathSciNetCrossRefMATH

25.

Li, X., Niu, J.-W., Ma, J., Wang, W.-D., & Liu, C.-L. (2011). Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. Journal of Network and Computer Applications, 34, 73–79.CrossRef

26.

Memon, I., Hussain, I., Akhtar, R., & Chen, G. (2015). Enhanced Privacy and Authentication: An Efficient and Secure Anonymous Communication for Location Based Service Using Asymmetric Cryptography Scheme. Wireless Personal Communications, 84(2), 1487–1508.CrossRef

27.

Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.MathSciNetCrossRef

28.

Mun, H., Han, K., Lee, Y. S., Yeun, C. Y., & Choi, H. H. (2012). Enhanced secure anonymous authentication scheme for roaming service in global mobility networks. Mathematical and Computer Modelling, 55, 214–222.MathSciNetCrossRefMATH

29.

Nickalls, R. W. D. (1993). A new approach to solving the cubic: Cardan’s solution revealed. The Mathematical Gazette, 77(480), 354–359.CrossRef

30.

Odelu, V., Das, A. K., & Goswami, A. (2014). A secure effective key management scheme for dynamic access control in a large leaf class hierarchy. Information Sciences, 269, 270–285.MathSciNetCrossRefMATH

31.

Odelu, V., Das, A. K., & Goswami, A. (2015). A secure biometrics-based multi-server authentication protocol using smart cards. IEEE Transactions on Information Forensics and Security, 10(9), 1953–1966.CrossRef

32.

Odelu, V., Das, A. K., & Goswami, A. (2015). DMAMA: Dynamic migration access control mechanism for mobile agents in distributed networks. Wireless Personal Communications, 84(1), 207–230.CrossRef

33.

Odelu, V., Das, A. K., & Goswami, A. (2015). An effective and robust secure remote user authenticated key agreement scheme using smart cards in wireless communication systems. Wireless Personal Communications,. doi:10.1007/s11277-015-2721-7.

34.

Odelu, V., Das, A. K., & Goswami, A. (2015). A secure and scalable group access control scheme for wireless sensor networks. Wireless Personal Communications,. doi:10.1007/s11277-015-2866-4.

35.

Sarkar, P. (2010). A simple and generic construction of authenticated encryption with associated data. ACM Transactions on Information and System Security, 13(4), 33.CrossRef

36.

Stallings, W. (2006). Cryptography and network security: Principles and practices (3rd ed.). Pearson Education India.

37.

von Oheimb, D. (2005). The high-level protocol specification language HLPSL developed in the EU project AVISPA. In Proceedings of APPSEM 2005 Workshop.

38.

Wang, D., He, D., Wang, P., & Chu, C. (2015). Anonymous two-factor authentication in distributed systems: Certain goals are beyond attainment. IEEE Transactions on Dependable and Secure Computing, 12(4), 428–442.CrossRef

39.

Wen, F., Susilo, W., & Yang, G. (2013). A secure and effective user authentication scheme for roaming service in global mobility networks. Wireless Personal Communications, 73(3), 993–1004.CrossRef

40.

Wu, C., Lee, W., & Tsaur, W. (2008). A secure authentication scheme with anonymity for wireless communications. IEEE Communications Letters, 12(10), 722–723.CrossRef

41.

Wu, S., & Chen, K. (2012). An efficient key-management scheme for hierarchical access control in e-medicine system. Journal of Medical Systems, 36(4), 2325–2337.CrossRef

42.

Zhao, D., Peng, H., Li, L., & Yang, Y. (2014). A secure and effective anonymous authentication scheme for roaming service in global mobility networks. Wireless Personal Communications, 78(1), 247–269.CrossRef

43.

Zhou, T., & Xu, J. (2011). Provable secure authentication protocol with anonymity for roaming service in global mobility networks. Computer Networks, 55(1), 205–213.MathSciNetCrossRefMATH

44.

Zhu, J., & Ma, J. (2004). A new authentication scheme with anonymity for wireless environments. IEEE Transactions on Consumer Electronics, 55(1), 230–234.

Titel: A Secure Anonymity Preserving Authentication Scheme for Roaming Service in Global Mobility Networks
verfasst von: Vanga Odelu
Soumya Banerjee
Ashok Kumar Das
Samiran Chattopadhyay
Saru Kumari
Xiong Li
Adrijit Goswami
Publikationsdatum: 19.05.2017
Verlag: Springer US
Erschienen in: Wireless Personal Communications / Ausgabe 2/2017
Print ISSN: 0929-6212
Elektronische ISSN: 1572-834X
DOI: https://doi.org/10.1007/s11277-017-4302-4

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Nachhaltigkeitsaward Key Visual/© Cometis AG/Global ESG Monitor | Daniel Rupp | Generiert mit KI, Search Icon, Banner Hanser, Kryptowährungen/© gopixa / Getty Images / iStock, MG4 aus China auf dem Prüfstand im ADAC-Technik-Zentrum in Landsberg am Lech/© ADAC e.V., Chassis eines Elektrofahrzeugs/© chesky / stock.adobe.com, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Sustainibility Finance/© Robert Kneschke / stock.adobe.com / Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 2/2017

An Improved Weighted K-Nearest Neighbor Algorithm for Indoor Positioning

Extracting Narrow-Band Signal from a Chaotic Background with LLVCR

ACO and PSO Algorithms for Developing a New Communication Model for VANET Applications in Smart Cities

An Intelligent Secured and Energy Efficient Routing Algorithm for MANETs

A DOA-Based Spatial Information Focusing Scheme for Mobile Multi-users in A 2 × 1 MISO System

An Alternative Architecture for SIM-Based Mobile NFC Services

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.