Examining Smart-Card Security under the Threat of Power Analysis Attacks
IEEE Transactions on Computers
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Guide to Elliptic Curve Cryptography
Guide to Elliptic Curve Cryptography
Computer Networks: The International Journal of Computer and Telecommunications Networking
Implementing public-key infrastructure for sensor networks
ACM Transactions on Sensor Networks (TOSN)
A secure dynamic ID based remote user authentication scheme for multi-server environment
Computer Standards & Interfaces
Computer Standards & Interfaces
On the anonymity of some authentication schemes for wireless communications
IEEE Communications Letters
Security flaw of authentication scheme with anonymity for wireless communications
IEEE Communications Letters
Sizzle: A standards-based end-to-end security architecture for the embedded Internet
Pervasive and Mobile Computing
Efficient implementation of public key cryptosystems on mote sensors (short paper)
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Securing mobile access in ubiquitous networking via non-roaming agreement protocol
ICICS'10 Proceedings of the 12th international conference on Information and communications security
A user friendly authentication scheme with anonymity for wireless communications
Computers and Electrical Engineering
An efficient and secure multi-server authentication scheme with key agreement
Journal of Systems and Software
International Journal of Network Management
Wireless Personal Communications: An International Journal
Robust Anonymous Two-Factor Authentication Scheme for Roaming Service in Global Mobility Network
Wireless Personal Communications: An International Journal
| Hi-index | 0.24 |
Seamless roaming over wireless network is highly desirable to mobile users, and security such as authentication of mobile users is challenging. Recently, due to tamper-resistance and convenience in managing a password file, some smart card based secure authentication schemes have been proposed. This paper shows some security weaknesses in those schemes. As the main contribution of this paper, a secure and light-weight authentication scheme with user anonymity is presented. It is simple to implement for mobile user since it only performs a symmetric encryption/decryption operation. Having this feature, it is more suitable for the low-power and resource-limited mobile devices. In addition, it requires four message exchanges between mobile user, foreign agent and home agent. Thus, this protocol enjoys both computation and communication efficiency as compared to the well-known authentication schemes. As a special case, we consider the authentication protocol when a user is located in his/her home network. Also, the session key will be used only once between the mobile user and the visited network. Besides, security analysis demonstrates that our scheme enjoys important security attributes such as preventing the various kinds of attacks, single registration, user anonymity, no password/verifier table, and high efficiency in password authentication, etc. Moreover, one of the new features in our proposal is: it is secure in the case that the information stored in the smart card is disclosed but the user password of the smart card owner is unknown to the attacker. To the best of our knowledge, until now no user authentication scheme for wireless communications has been proposed to prevent from smart card breach. Finally, performance analysis shows that compared with known smart card based authentication protocols, our proposed scheme is more simple, secure and efficient.