Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks

Taek Young Youn, Young Ho Park, Jong In Lim

Research output: Contribution to journalArticle

64 Citations (Scopus)

Abstract

Recently, Chang, Lee, and Chiu proposed an enhanced anonymous authentication scheme which permits mobile users to anonymously enjoy roaming service in global mobile networks. In this letter, we show that their scheme fails to achieve the anonymity by providing four attack strategies. Moreover, we show that anyone can recover a mobile user's session keys by using the identity of the mobile user. Hence, Chang et al.'s scheme cannot provide secure key establishing service since an adversary can recover the identity of a mobile user by performing one of our attacks.

Original languageEnglish
Pages (from-to)471-473
Number of pages3
JournalIEEE Communications Letters
Volume13
Issue number7
DOIs
Publication statusPublished - 2009 Aug 14

Fingerprint

Network Mobility
Authentication
Wireless networks
Attack
Anonymity
Mobile Networks

Keywords

  • Anonymous authentication
  • Mobile
  • Security

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Computer Science Applications
  • Modelling and Simulation

Cite this

Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks. / Youn, Taek Young; Park, Young Ho; Lim, Jong In.

In: IEEE Communications Letters, Vol. 13, No. 7, 14.08.2009, p. 471-473.

Research output: Contribution to journalArticle

@article{8d8936236f704996a0ebd8806bb09d3e,
title = "Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks",
abstract = "Recently, Chang, Lee, and Chiu proposed an enhanced anonymous authentication scheme which permits mobile users to anonymously enjoy roaming service in global mobile networks. In this letter, we show that their scheme fails to achieve the anonymity by providing four attack strategies. Moreover, we show that anyone can recover a mobile user's session keys by using the identity of the mobile user. Hence, Chang et al.'s scheme cannot provide secure key establishing service since an adversary can recover the identity of a mobile user by performing one of our attacks.",
keywords = "Anonymous authentication, Mobile, Security",
author = "Youn, {Taek Young} and Park, {Young Ho} and Lim, {Jong In}",
year = "2009",
month = "8",
day = "14",
doi = "10.1109/LCOMM.2009.090488",
language = "English",
volume = "13",
pages = "471--473",
journal = "IEEE Communications Letters",
issn = "1089-7798",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "7",

}

TY - JOUR

T1 - Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks

AU - Youn, Taek Young

AU - Park, Young Ho

AU - Lim, Jong In

PY - 2009/8/14

Y1 - 2009/8/14

N2 - Recently, Chang, Lee, and Chiu proposed an enhanced anonymous authentication scheme which permits mobile users to anonymously enjoy roaming service in global mobile networks. In this letter, we show that their scheme fails to achieve the anonymity by providing four attack strategies. Moreover, we show that anyone can recover a mobile user's session keys by using the identity of the mobile user. Hence, Chang et al.'s scheme cannot provide secure key establishing service since an adversary can recover the identity of a mobile user by performing one of our attacks.

AB - Recently, Chang, Lee, and Chiu proposed an enhanced anonymous authentication scheme which permits mobile users to anonymously enjoy roaming service in global mobile networks. In this letter, we show that their scheme fails to achieve the anonymity by providing four attack strategies. Moreover, we show that anyone can recover a mobile user's session keys by using the identity of the mobile user. Hence, Chang et al.'s scheme cannot provide secure key establishing service since an adversary can recover the identity of a mobile user by performing one of our attacks.

KW - Anonymous authentication

KW - Mobile

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=68349157387&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=68349157387&partnerID=8YFLogxK

U2 - 10.1109/LCOMM.2009.090488

DO - 10.1109/LCOMM.2009.090488

M3 - Article

VL - 13

SP - 471

EP - 473

JO - IEEE Communications Letters

JF - IEEE Communications Letters

SN - 1089-7798

IS - 7

ER -