Abstract
Designing an anonymous user authentication scheme in global mobility networks is a non-trivial task because wireless networks are susceptible to attacks and mobile devices powered by batteries have limited communication, processing and storage capabilities. In this paper, we present a generic construction that converts any existing secure password authentication scheme based on a smart card into an anonymous authentication scheme for roaming services. The security proof of our construction can be derived from the underlying password authentication scheme employing the same assumptions. Compared with the original password authentication scheme, the transformed scheme does not sacrifice the authentication efficiency, and additionally, an agreed session key can be securely established between an anonymous mobile user and the foreign agent in charge of the network being visited. Furthermore, we present an instantiation of the proposed generic construction. The performance analysis shows that compared with other related anonymous authentication schemes, our instantiation is more efficient.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Suzukiz S, Nakada K (1997) An authentication technique based on distributed security management for the global mobility network. IEEE Journal on Selected Areas in Communications 15(8):1608–1617
Chen H, Xiao Y, Hong X, Hu F, Xie JL (2009) A survey of anonymity in wireless communication systems. Security and Communication Networks 2(5):427–444
Jiang Y, Lin C, Shen X, Shi M (2006) Mutual authentication and key exchange protocols for roaming services in wireless mobile networks. IEEE Transactions on Wireless Communications 5(9):2569–2577
Park J, Go J, Kim K. Wireless authentication protocol preserving user anonymity. In Proc. Symposium on Cryptography and Information Security (SCIS2001), Jan. 2001, pp.159–164.
Samfat D, Molva R, Asokan N. Untraceability in mobile networks. In Proc. the 1st Annual International Conference on Mobile Computing and Networking (ACM MobiCom1995), Nov. 1995, pp.26–36.
Tang C, Wu DO (2008) Mobile privacy in wireless networks-revisited. IEEE Transactions on Wireless Communications 7(3):1035–1042
Wan Z G, Ren K, Preneel B. A secure privacy-preserving roaming protocol based on hierarchical identity-based encryption for mobile networks. In Proc. the 1st ACM Conference on Wireless Network Security (WiSec 2008), March 31-April 2, 2008, pp.62–67.
Yang G, Wong DS, Deng X (2007) Anonymous and authenticated key exchange for roaming networks. IEEE Transactions on Wireless Communications 6(9):3461–3472
He D, Chan S, Chen C, Bu J, Fan R (2011) Design and validation of an efficient authentication scheme with anonymity for roaming service in global mobility networks. Wireless Personal Communications 61(2):465–472
Li CT, Lee CC (2012) A novel user authentication and privacy preserving scheme with smart cards for wireless communications. Mathematical and Computer Modelling 55(1/2):35–44
He D, Bu J, Chan S, Chen C, Yin M (2011) Privacy-preserving universal authentication protocol for wireless communications. IEEE Trans Wireless Communications 10(2):431–436
He Q, Wu D, Khosla P (2004) The quest for personal control over mobile location privacy. IEEE Communications Magazine 42(5):130–136
Tzeng W G. A secure system for data access based on anonymous authentication and time-dependent hierarchical keys. In Proc. the 1st ACM Symposium on Information, Computer and Communications Security, Mar. 2006, pp.223–230.
Huang XY, Xiang Y, Chonka A et al (2011) A generic framework for three-factor authentication: Preserving security and privacy in distributed systems. IEEE Trans Parallel and Distributed Systems 22(8):1390–1397
Xu J, Zhu WT, Feng DG (2009) An improved smart card based password authentication scheme with provable security. Computer Standards & Interfaces 31(4):723–728
Wang RC, Juang WS, Lei CL (2011) Robust authentication and key agreement scheme preserving the privacy of secret key. Computer Communications 34(3):274–280
Schneier B (1996) Applied Cryptography, 2nd edn. John Wiley & Sons, Inc., New York
Menezes A J, van Oorschot P C, Vanstone S A. Handbook of Applied Cryptography. Boca Raton, FL: CRC Press LLC, 1997.
Author information
Authors and Affiliations
Corresponding author
Additional information
This work was supported by the National Basic Research 973 Program of China under Grant No. 2013CB338003, the National Natural Science Foundation of China under Grant Nos. 61170279 and 61272479, and the Strategic Priority Research Program of Chinese Academy of Sciences under Grant Nos. XDA06010701 and XDA06010702.
Electronic Supplementary Material
Below is the link to the electronic supplementary material.
Rights and permissions
About this article
Cite this article
Xu, J., Zhu, WT. A Generic Framework for Anonymous Authentication in Mobile Networks. J. Comput. Sci. Technol. 28, 732–742 (2013). https://doi.org/10.1007/s11390-013-1371-z
Received:
Revised:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11390-013-1371-z