Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services
An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.’s anonymous...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2014-01-01
|
| Series: | The Scientific World Journal |
| Online Access: | http://dx.doi.org/10.1155/2014/687879 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832557098038198272 |
|---|---|
| author | Youngsook Lee Juryon Paik |
| author_facet | Youngsook Lee Juryon Paik |
| author_sort | Youngsook Lee |
| collection | DOAJ |
| description | An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.’s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.’s scheme can be addressed without degrading the efficiency of the scheme. |
| format | Article |
| id | doaj-art-61b95e0ce4d14a54be1922f37a132e43 |
| institution | Kabale University |
| issn | 2356-6140 1537-744X |
| language | English |
| publishDate | 2014-01-01 |
| publisher | Wiley |
| record_format | Article |
| series | The Scientific World Journal |
| spelling | doaj-art-61b95e0ce4d14a54be1922f37a132e432025-02-03T05:43:36ZengWileyThe Scientific World Journal2356-61401537-744X2014-01-01201410.1155/2014/687879687879Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming ServicesYoungsook Lee0Juryon Paik1Department of Cyber Investigation Police, Howon University, 64 3-gil, Gunsan, Jeollabuk-do 573-718, Republic of KoreaDepartment of Computer Engineering, Sungkyunkwan University, 2066 Seoburo, Suwon, Gyeonggido 440-746, Republic of KoreaAn anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.’s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.’s scheme can be addressed without degrading the efficiency of the scheme.http://dx.doi.org/10.1155/2014/687879 |
| spellingShingle | Youngsook Lee Juryon Paik Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services The Scientific World Journal |
| title | Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services |
| title_full | Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services |
| title_fullStr | Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services |
| title_full_unstemmed | Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services |
| title_short | Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services |
| title_sort | security analysis and improvement of an anonymous authentication scheme for roaming services |
| url | http://dx.doi.org/10.1155/2014/687879 |
| work_keys_str_mv | AT youngsooklee securityanalysisandimprovementofananonymousauthenticationschemeforroamingservices AT juryonpaik securityanalysisandimprovementofananonymousauthenticationschemeforroamingservices |