Skip to main content

Advertisement

Springer Nature Link
Log in

An enhanced mutual authentication and key agreement scheme for mobile user roaming service in global mobility networks

  • Published:
Annals of Telecommunications Aims and scope Submit manuscript

Abstract

Roaming service is required in the ubiquitous access used in the global mobility networks (GLOMONETs) and the security is one of the most important issues. Many researchers focus their interests on authentication schemes for GLOMONETs. In 2015, Gope and Hwang, Zhang et al. and Farash et al. proposed their key agreement authentication schemes for GLOMONETs, respectively. However, we find weaknesses in them. Gope and Hwang’s scheme is under the off-line guessing attack and the de-synchronization attack. Moreover, it does not keep strong forward security and the session key is known by the home agent. Zhang et al.’s scheme has several weaknesses including vulnerability to the off-line guessing attack, destitution of password change phase, and the leakage of updated session key. Farash et al.’s scheme lacks user anonymity and strong forward secrecy and is vulnerable to the off-line password guessing attack. The session key is known to the home agent, too. Furthermore, neither Gope and Hwang’s scheme nor Farash et al.’s scheme has the session key update phase. To eliminate the problems, we present an improved authentication and key agreement scheme for GLOMONETs. According to the formal proof and the informal analysis, our scheme is well-performed and applicable.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

References

  1. Bresson E, Chevassut O, Pointcheval D (2003) Security proofs for an efficient password-based key exchange. In: Proceedings of the 10th ACM conference on Computer and communications security, ACM, pp 241–250

  2. Chang CC, Lee CY, Chiu YC (2009) Enhanced authentication scheme with anonymity for roaming service in global mobility networks. Comput Commun 32(4):611–618

    Article  Google Scholar 

  3. Chen Y, Xu W, Xiong H (2015) Strongly secure certificateless key-insulated signature secure in the standard model. Ann Telecommun 70(9-10):395–405

    Article  Google Scholar 

  4. Farash MS, Chaudhry SA, Heydari M, Sadough S, Mohammad S, Kumari S, Khan MK (2015) A lightweight anonymous authentication scheme for consumer roaming in ubiquitous networks with provable security. International Journal of Communication Systems. doi:10.1002/dac.3019

  5. Gope P, Hwang T (2015) Enhanced secure mutual authentication and key agreement scheme preserving user anonymity in global mobile networks. Wirel Pers Commun 82(4):2231–2245

    Article  Google Scholar 

  6. Guo P, Wang J, Geng XH, Kim CS, Kim JU (2014) A variable threshold-value authentication architecture for wireless mesh networks. J Internet Technol 15(6):929–935

    Google Scholar 

  7. He D, Wang D (2015) Robust biometrics-based authentication scheme for multiserver environment. IEEE Syst J 9(3):816–823

    Article  Google Scholar 

  8. He D, Zeadally S (2015) Authentication protocol for an ambient assisted living system. IEEE Commun Mag 53(1):71–77

    Article  Google Scholar 

  9. He D, Zhang Y, Chen J (2014) Cryptanalysis and improvement of an anonymous authentication protocol for wireless access networks. Wirel Pers Commun 74(2):229–243

    Article  Google Scholar 

  10. He D, Kumar N, Chilamkurti N (2015) A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Inf Sci 321:263–277

    Article  Google Scholar 

  11. Jiang Q, Ma J, Li G, Yang L (2013) An enhanced authentication scheme with privacy preservation for roaming service in global mobility networks. Wirel Pers Commun 68(4):1477– 1491

    Article  Google Scholar 

  12. Jiang Q, Ma J, Lu X, Tian Y (2015a) An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks. Peer-to-Peer Netw Appl 8:1070–1081. doi:10.1007/s12083-014-0285-z

  13. Jiang Q, Wei F, Fu S, Ma J, Li G, Alelaiwi A (2015b) Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy. Nonlinear Dyn 83(4):2085–2101

  14. Jiang Q, Khan MK, Lu X, Ma J, He D (2016) A privacy preserving three-factor authentication protocol for e-health clouds. J Supercomput. doi:10.1007/s11227-015-1610-x

  15. Kim JS, Kwak J (2013) Secure and efficient anonymous authentication scheme in global mobility networks. J Appl Math 72(10):3826–3849

  16. Kocher P, Jaffe J, Jun B (1999) Differential power analysis. In: Advances in Cryptology-CRYPTO’99, Springer, pp 388–397

  17. Lee CC, Hwang MS, Liao IE (2006) Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE Trans Ind Electron 53(5):1683–1687

    Article  Google Scholar 

  18. Li X, Ma J, Wang W, Xiong Y, Zhang J (2013) A novel smart card and dynamic id based remote user authentication scheme for multi-server environments. Math Comput Model 58(1):85–95

    Article  Google Scholar 

  19. Malina L, Hajny J, Zeman V (2015) Usability of pairing-based cryptography on smartphones. In: Telecommunications and Signal Processing (TSP), 2015 38th International Conference on, IEEE, pp 617–621

  20. Mun H, Han K, Lee YS, Yeun CY, Choi HH (2012) Enhanced secure anonymous authentication scheme for roaming service in global mobility networks. Math Comput Model 55(1):214– 222

    Article  MathSciNet  MATH  Google Scholar 

  21. Ometov A, Masek P, Malina L, Florea R, Hosek J, Andreev S, Hajny J, Niutanen J, Koucheryavy Y (2016) Feasibility characterization of cryptographic primitives for constrained (wearable) iot devices. In: 2016 IEEE International conference on pervasive computing and communication workshops (PerCom Workshops), IEEE, pp 1–6

  22. Ren Y, Shen J, Wang J, Han J, Lee S (2015) Mutual verifiable provable data auditing in public cloud storage. J Internet Technol 16(2):317–323

    Google Scholar 

  23. Sangeetha D, Vaidehi V (2016) A secure cloud based personal health record framework for a multi owner environment. Ann Telecommun . doi:10.1007/s12243-016-0529-4

  24. Shin S, Yeh H, Kim K (2015) An efficient secure authentication scheme with user anonymity for roaming user in ubiquitous networks. Peer-to-Peer Netw Appl 8:674–683

    Article  Google Scholar 

  25. Wang D, Wang P, He D (2015) Anonymous two-factor authentication: Certain goals are beyond attainment. IEEE Transactions on Dependable and Secure Computing 12. doi:10.1109/TDSC.2014.2355850

  26. Wen F, Susilo W, Yang G (2013) A secure and effective anonymous user authentication scheme for roaming service in global mobility networks. Wirel Pers Commun 73(3):993– 1004

    Article  Google Scholar 

  27. Wu CC, Lee WB, Tsaur WJ (2008) A secure authentication scheme with anonymity for wireless communications. IEEE Commun Lett 12(10):722–723

    Article  Google Scholar 

  28. Wu F, Xu L (2015) An improved and provable self-certified digital signature scheme with message recovery. Int J Commun Syst 28(2):344–357. doi:10.1002/dac.2673

    Article  MathSciNet  Google Scholar 

  29. Wu F, Xu L, Kumari S, Li X, Das AK, Khan MK, Karuppiah M, Baliyan R (2016) A novel and provably secure authentication and key agreement scheme with user anonymity for global mobility networks. Secur Commun Netw 9(16):3527–3542. doi:10.1002/sec.1558

    Article  Google Scholar 

  30. Xu L, Wu F (2015a) Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care. J Med Syst 39(2):1–9

  31. Xu L, Wu F (2015b) An improved and provable remote user authentication scheme based on elliptic curve cryptosystem with user anonymity. Secur Commun Netw 8(2):245–260. doi:10.1002/sec.977

  32. Youn TY, Park YH, Lim J (2009) Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks. IEEE Commun Lett 13(7):471–473

    Article  Google Scholar 

  33. Zhang G, Fan D, Zhang Y, Li X, Liu X (2015) A privacy preserving authentication scheme for roaming services in global mobility networks. Secur Commun Netw 8(16):2850–2859

    Article  Google Scholar 

  34. Zhu J, Ma J (2004) A new authentication scheme with anonymity for wireless environments. IEEE Trans Consum Electron 50(1):231–235

    Article  Google Scholar 

Download references

Acknowledgments

This research is supported by University Distinguished Young Research Talent Training Program of Fujian Province(Year 2016), Fujian Education and Scientific Research Program for Young and Middle-aged Teachers under Grant No. JA14369, the National Natural Science Foundation of China under Grant No. 61300220, and the Scientific Research Fund of Hunan Provincial Education Department under Grant no.16B089, and it is supported by PAPD and CICAEET. The authors also extend their appreciations to the Deanship of Scientific Research at King Saud University for its funding this Prolific Research Group (PRG-1436-16).

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Xiamen Institute of Technology, Xiamen, 361021, China

    Fan Wu

  2. School of Information Science and Technology, Xiamen University, Xiamen, 361005, China

    Lili Xu

  3. Department of Mathematics, Chaudhary Charan Singh University, Meerut, 250005, India

    Saru Kumari

  4. School of Computer Science and Engineering, Hunan University of Science and Technology, Xiangtan, 411201, China

    Xiong Li

  5. Center of Excellence in Information Assurance (COEIA), King Saud University, Riyadh, Saudi Arabia

    Muhammad Khurram Khan

  6. Center for Security, Theory and Algorithmic Research, International Institute of Information Technology, Hyderabad, 500 032, India

    Ashok Kumar Das

Authors
  1. Fan Wu
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Lili Xu
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Saru Kumari
    View author publications

    You can also search for this author inPubMed Google Scholar

  4. Xiong Li
    View author publications

    You can also search for this author inPubMed Google Scholar

  5. Muhammad Khurram Khan
    View author publications

    You can also search for this author inPubMed Google Scholar

  6. Ashok Kumar Das
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Fan Wu.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Wu, F., Xu, L., Kumari, S. et al. An enhanced mutual authentication and key agreement scheme for mobile user roaming service in global mobility networks. Ann. Telecommun. 72, 131–144 (2017). https://doi.org/10.1007/s12243-016-0547-2

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12243-016-0547-2

Keywords