Skip to main content
SpringerLink
Log in

A Secure and Effective Anonymous User Authentication Scheme for Roaming Service in Global Mobility Networks

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

In global mobility networks, anonymous user authentication is an essential task for enabling roaming service. In a recent paper, Jiang et al. proposed a smart card based anonymous user authentication scheme for roaming service in global mobility networks. This scheme can protect user privacy and is believed to have many abilities to resist a range of network attacks, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Jiang et al.’s scheme, and show that the scheme is in fact insecure against the stolen-verifier attack and replay attack. Then, we also propose a new smart card based anonymous user authentication scheme for roaming service. Compared with the existing schemes, our protocol uses a different user authentication mechanism, which does not require the home agent to share a static secret key with the foreign agent, and hence, it is more practical and realistic. We show that our proposed scheme can provide stronger security than previous protocols.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

References

  1. Chang, C., Lee, J., & Chang, Y. (2005). Efficient authentication protocols of GSM. Computer Communications, 28(8), 921–928.

    Article  Google Scholar 

  2. Chang, C., Lee, C., & Chiu, Y. (2009). Enhanced authentication scheme with anonymity for roaming service in global mobility networks. Computer Communications, 32(4), 611–618.

    Article  Google Scholar 

  3. Chaum, D. (1985). Security without identification: Trunsactions systems to make big brother obsolete. Communications of the ACM, 28(10), 1030–1044.

    Article  Google Scholar 

  4. Das, A. (2013). A secure and effective user authentication and privacy preserving protocol with smart cards for wireless communications. Networking Science, 2(1–2), 12–27.

    Google Scholar 

  5. ETSI TS 102 165–1 V4.1.1 Telecommunications and internet protocol harmonization over networks (TIPHON) release 4; protocol framework definition; methods and protocols for security; part 1: Threat analysis.

  6. Fatemi, M., Salimi, S., & Salahi, A. (2010). Anonymous roaming in universal mobile telecommunication system mobile networks. IET Information Security, 4(2), 93–103.

    Article  Google Scholar 

  7. He, D., Ma, M., Zhang, Y., & Chen, C. (2010). A strong user authentication scheme with smart cards for wireless communications. Computer Communications, 34(3), 367–374.

    Article  Google Scholar 

  8. He, D., Chan, S., Chen, C., & Bu, J. (2011). Design and validation of an efficient authentication scheme with anonymity for roaming service in global mobility networks. Wireless Personal Communications, 61, 465–476.

    Article  Google Scholar 

  9. IEEE 1363–2000: IEEE Standard Specifications For Public Key Cryptography. Institute of Electrical and Electronics Engineers, 2000.

  10. Jiang, Q., Ma, J., Li, G., & Yang, L. (2013). An enhanced authentication scheme with privacy preservation for roaming service in global mobility networks. Wireless Personal Communications, 68, 1477–1491.

    Google Scholar 

  11. Lee, C., Hwang, M., & Liao, I. (2008). A new authentication protocol based on pointer forwarding for mobile communications. Wireless Communication and Mobile Computing, 8(5), 661–672.

    Article  Google Scholar 

  12. Lee, C., Hwang, M., & Yang, W. (2003). Extension of authentication protocol for GSM. IEE Proceedings Communications, 150(2), 91–95.

    Article  Google Scholar 

  13. Lee, C., Hwang, M., & Liao, I. (2006). Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE Transactions on Industrial Electronics, 53(5), 1683–1686.

    Article  Google Scholar 

  14. Lee, T., Chang, C., & Hwang, T. (2005). Private authentication techniques for the global mobility network. Wireless Personal Communications, 35(4), 329–336.

    Article  Google Scholar 

  15. Lee, J., Chang, J., & Lee, D. (2009). Security flaw of authentication scheme with anonymity for wireless communications. IEEE Communications Letters, 13(5), 292–293.

    Article  Google Scholar 

  16. Menezes, A., Van Oorschot, P., & Vanstone, S. (1997). Handbook of applied cryptography. Boca Raton, FL: CRC.

    MATH  Google Scholar 

  17. Rosen, K. (1988). Elementary number theory and its applications. Reading, MA: Addison-Wesley.

    MATH  Google Scholar 

  18. Syverson, P. (1994), A taxonomy of replay attacks. In Proceedings IEEE computer security foundations workshop VII, pp. 131–136.

  19. Wang, R., Juang, W., & Lei, C. (2009). A robust authentication scheme with user anonymity for wireless environments. International Journal of Innovative Computing, Information and Control, 5(4), 1069–1080. http://grouper.ieee.org/groups/1363/.

  20. Wang, R., Juang, W., & Lei, C. (2011). Robust authentication and key agreement scheme preserving the privacy of secret key. Computer Communications, 34(3), 274–280.

    Google Scholar 

  21. Wu, C., Lee, B., & Tsaur, W. (2008). A secure authentication scheme with anonymity for wireless communications. IEEE Communications Letters, 12(10), 722–723.

    Article  Google Scholar 

  22. Yang, G., Wong, D., Wang, H., & Deng, X. (2008). Two-factor mutual authentication based on smart cards and passwords. Journal of Computer and System Sciences, 74(7), 1160–1172.

    Google Scholar 

  23. Yang, G., Wong, D., & Deng, X. (2007). Anonymous and authenticated key exchange for roaming networks. IEEE Transactions on Wireless Communications, 6(9), 1035–1042.

    Google Scholar 

  24. Zhu, J., & Ma, J. (2004). A new authentication scheme with anonymity for wireless environments. IEEE Transactions on Consumer Electronics, 51(1), 230–234.

    MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Mathematical Sciences, University of Jinan, Jinan, 250022, China

    Fengtong Wen

  2. School of Computer Science and Software Engineering, University of Wollongong, Wollongong, NSW, 2522, Australia

    Fengtong Wen, Willy Susilo & Guomin Yang

Authors
  1. Fengtong Wen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Willy Susilo
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Guomin Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Fengtong Wen.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Wen, F., Susilo, W. & Yang, G. A Secure and Effective Anonymous User Authentication Scheme for Roaming Service in Global Mobility Networks. Wireless Pers Commun 73, 993–1004 (2013). https://doi.org/10.1007/s11277-013-1243-4

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-013-1243-4

Keywords

Search

Navigation