TY - GEN
T1 - A secure and lightweight user authentication scheme with anonymity for the global mobility network
AU - He, Daojing
AU - Chan, Sammy
PY - 2010
Y1 - 2010
N2 - Designing a user authentication protocol with anonymity for the global mobility network (GLOMONET) is a difficult task because wireless networks are more susceptible to attacks and each user has limited energy, processing and storage resources. Recently, some authentication schemes with user anonymity for the GLOMONET have been proposed. This paper shows some weaknesses in those schemes. As the main contribution of this paper, a secure and lightweight user authentication scheme with anonymity is presented. It mainly uses low-cost functions such as one-way hash functions and exclusive- OR operations to achieve security. Having these features, it is more suitable for the energy-limited mobile devices. In addition, the home agent only needs to receive one message and send one message to authenticate the mobile user. Therefore, this protocol enjoys both computation and communication efficiency as compared to the well-known authentication schemes. Besides, it is demonstrated that the proposed scheme enjoys important security attributes such as preventing the various kinds of attacks, single registration, user anonymity, user friendly, no password/verifier table, no synchronized time mechanisms, high efficiency in password authentication, use of one-time session key between mobile user and foreign agent, etc. Furthermore, one of the new features in our proposal is: it is secure in the case that the information stored in the smart card is disclosed but the user password of the smart card owner is unknown to the adversary.
AB - Designing a user authentication protocol with anonymity for the global mobility network (GLOMONET) is a difficult task because wireless networks are more susceptible to attacks and each user has limited energy, processing and storage resources. Recently, some authentication schemes with user anonymity for the GLOMONET have been proposed. This paper shows some weaknesses in those schemes. As the main contribution of this paper, a secure and lightweight user authentication scheme with anonymity is presented. It mainly uses low-cost functions such as one-way hash functions and exclusive- OR operations to achieve security. Having these features, it is more suitable for the energy-limited mobile devices. In addition, the home agent only needs to receive one message and send one message to authenticate the mobile user. Therefore, this protocol enjoys both computation and communication efficiency as compared to the well-known authentication schemes. Besides, it is demonstrated that the proposed scheme enjoys important security attributes such as preventing the various kinds of attacks, single registration, user anonymity, user friendly, no password/verifier table, no synchronized time mechanisms, high efficiency in password authentication, use of one-time session key between mobile user and foreign agent, etc. Furthermore, one of the new features in our proposal is: it is secure in the case that the information stored in the smart card is disclosed but the user password of the smart card owner is unknown to the adversary.
UR - https://www.scopus.com/pages/publications/78650493958
U2 - 10.1109/NBiS.2010.34
DO - 10.1109/NBiS.2010.34
M3 - 会议稿件
AN - SCOPUS:78650493958
SN - 9780769541679
T3 - Proceedings - 13th International Conference on Network-Based Information Systems, NBiS 2010
SP - 305
EP - 312
BT - Proceedings - 13th International Conference on Network-Based Information Systems, NBiS 2010
T2 - 13th International Conference on Network-Based Information Systems, NBiS 2010
Y2 - 14 September 2010 through 16 September 2010
ER -