A Privacy Preserving Authentication Scheme for Roaming in IoT-Based Wireless Mobile Networks
Yükleniyor...
Tarih
2020
Dergi Başlığı
Dergi ISSN
Cilt Başlığı
Yayıncı
MDPI, ST ALBAN-ANLAGE 66, CH-4052 BASEL, SWITZERLAND
Erişim Hakkı
info:eu-repo/semantics/openAccess
Attribution-NonCommercial-NoDerivs 3.0 United States
Attribution-NonCommercial-NoDerivs 3.0 United States
Özet
The roaming service enables a remote user to get desired services, while roaming in a foreign network through the help of his home network. The authentication is a pre-requisite for secure communication between a foreign network and the roaming user, which enables the user to share a secret key with foreign network for subsequent private communication of data. Sharing a secret key is a tedious task due to underneath open and insecure channel. Recently, a number of such schemes have been proposed to provide authentication between roaming user and the foreign networks. Very recently, Lu et al. claimed that the seminal Gopi-Hwang scheme fails to resist a session-specific temporary information leakage attack. Lu et al. then proposed an improved scheme based on Elliptic Curve Cryptography (ECC) for roaming user. However, contrary to their claim, the paper provides an in-depth cryptanalysis of Lu et al.'s scheme to show the weaknesses of their scheme against Stolen Verifier and Traceability attacks. Moreover, the analysis also affirms that the scheme of Lu et al. entails incorrect login and authentication phases and is prone to scalability issues. An improved scheme is then proposed. The scheme not only overcomes the weaknesses Lu et al.'s scheme but also incurs low computation time. The security of the scheme is analyzed through formal and informal methods; moreover, the automated tool ProVerif also verifies the security features claimed by the proposed scheme.
Açıklama
Document Information
Language:English
Accession Number: WOS:000521147600024
Anahtar Kelimeler
roaming user, authentication, internet of things, mobile networks, anonymity, elliptic curve cryptography, ProVerif, 2-FACTOR AUTHENTICATION, MUTUAL AUTHENTICATION, SERVICE, ANONYMITY
Kaynak
SYMMETRY-BASEL
WoS Q Değeri
Q2
Scopus Q Değeri
Q2
Cilt
12
Sayı
2