A Privacy Preserving Authentication Scheme for Roaming in IoT-Based Wireless Mobile Networks

Yükleniyor...
Küçük Resim

Tarih

2020

Dergi Başlığı

Dergi ISSN

Cilt Başlığı

Yayıncı

MDPI, ST ALBAN-ANLAGE 66, CH-4052 BASEL, SWITZERLAND

Erişim Hakkı

info:eu-repo/semantics/openAccess
Attribution-NonCommercial-NoDerivs 3.0 United States

Özet

The roaming service enables a remote user to get desired services, while roaming in a foreign network through the help of his home network. The authentication is a pre-requisite for secure communication between a foreign network and the roaming user, which enables the user to share a secret key with foreign network for subsequent private communication of data. Sharing a secret key is a tedious task due to underneath open and insecure channel. Recently, a number of such schemes have been proposed to provide authentication between roaming user and the foreign networks. Very recently, Lu et al. claimed that the seminal Gopi-Hwang scheme fails to resist a session-specific temporary information leakage attack. Lu et al. then proposed an improved scheme based on Elliptic Curve Cryptography (ECC) for roaming user. However, contrary to their claim, the paper provides an in-depth cryptanalysis of Lu et al.'s scheme to show the weaknesses of their scheme against Stolen Verifier and Traceability attacks. Moreover, the analysis also affirms that the scheme of Lu et al. entails incorrect login and authentication phases and is prone to scalability issues. An improved scheme is then proposed. The scheme not only overcomes the weaknesses Lu et al.'s scheme but also incurs low computation time. The security of the scheme is analyzed through formal and informal methods; moreover, the automated tool ProVerif also verifies the security features claimed by the proposed scheme.

Açıklama

Document Information Language:English Accession Number: WOS:000521147600024

Anahtar Kelimeler

roaming user, authentication, internet of things, mobile networks, anonymity, elliptic curve cryptography, ProVerif, 2-FACTOR AUTHENTICATION, MUTUAL AUTHENTICATION, SERVICE, ANONYMITY

Kaynak

SYMMETRY-BASEL

WoS Q Değeri

Q2

Scopus Q Değeri

Q2

Cilt

12

Sayı

2

Künye