Abstract
With the development of wireless communication technology and the popularity of mobile devices, the mobile wireless network (MWN) has become widely used in daily life. Through an access point (AP), users can access the Internet anytime and anywhere using their mobile devices, so MWNs bring much convenience. Because an AP's coverage is limited, seamless handover occurs frequently in practical applications. Guaranteeing the user's privacy and security, while still being able to identify the real identity of a user who harms the system, is very challenging. To achieve these goals, many anonymous handover authentication (AHA) protocols have been proposed in the last several years. However, most of them have high computation costs because mobile nodes need to carry out bilinear pairing operations or hash-to-point operations. Besides, most of them cannot satisfy some critical requirements, such as non-traceability and perfect forward secrecy. In this paper, we first outline the security requirements of AHA protocols, and then propose a new AHA protocol that eliminates the weaknesses of previous AHA protocols. Based on the hardness of two famous mathematical problems, we demonstrate that the proposed AHA protocol is secure against different kinds of attacks and meets a variety of security requirements. The implementation details show that the proposed AHA protocol also has much less computation cost than the three latest AHA protocols.
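Chinese abstract
With the development of wireless communication technology and the popularity of mobile devices, mobile wireless networks have been widely used in our daily life. Through the access points of a mobile wireless network, users can access the Internet anytime and anywhere using their mobile devices. Because the coverage of an access point is limited, seamless handover occurs frequently. Guaranteeing the user's privacy and security during handover, and identifying the user's real identity when he or she harms the mobile wireless network, is very challenging. To achieve these goals, researchers have proposed many anonymous handover authentication protocols. Because the mobile nodes in these protocols need to perform complex bilinear pairing operations and map-to-point operations, most of them have very high computational complexity. In addition, these protocols cannot provide important security properties such as non-traceability and forward secrecy. This paper outlines the security properties that an anonymous handover authentication protocol needs to satisfy, and proposes a new anonymous handover authentication protocol to address the security flaws of previous protocols. Based on the hardness of two well-known mathematical problems, this paper proves that the proposed authentication protocol can resist a variety of attacks and satisfies the listed security properties. Implementation results show that the proposed protocol has lower computational complexity than the three latest related protocols. Innovations: (1) an anonymous handover authentication protocol with conditional privacy preservation for mobile wireless networks is proposed; (2) the proposed protocol is proven to be provably secure in the random oracle model; (3) the computational complexity and communication complexity of the proposed protocol and related protocols are analyzed and compared in detail.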
Cite this article
He, D., Wang, D., Xie, Q. et al. Anonymous handover authentication protocol for mobile wireless networks with conditional privacy preservation. Sci. China Inf. Sci. 60, 052104 (2017). https://doi.org/10.1007/s11432-016-0161-2
DOI: https://doi.org/10.1007/s11432-016-0161-2