A secure authentication and session key agreement method for global mobility networks with preservation of user anonymity

Article type: Scientific research

Authors

Faculty of Computer Engineering, Imam Reza International University

Abstract

In recent years, global mobility networks have grown rapidly and remarkably, and smartphones have become a practical and even vital tool for users. In addition, the roaming service of smartphones lets users share their information with others while outside the geographical area covered by the home agent's network, using the networks of foreign agents. In this paper, it is first proved that the schemes proposed so far in this area are not only vulnerable to certain attacks, including the replay attack, the insider attack, user, home agent and foreign agent impersonation attacks, and the denial-of-service attack, but also fail to provide some security properties, including user anonymity and untraceability, mutual authentication, perfect forward secrecy and session key security. Then, a smart-card-based authentication scheme for global mobility networks is presented that not only removes the security weaknesses of the previous schemes but also provides mutual authentication among all three entities (user, home agent and foreign agent) while preserving user anonymity. Finally, the security and efficiency of the proposed scheme are compared with those of the previous schemes, and it is shown that the proposed scheme offers acceptable security and efficiency.

Keywords


Article title [English]

A secure authentication and session key agreement scheme in global mobile networks preserving user anonymity

Authors [English]

  • F. Ahmadi
  • M. Nikooghadam

Faculty of Computer Engineering, Imam Reza International University, Mashhad, Iran

Abstract [English]

In recent years, global mobility networks have grown rapidly and significantly, and smartphones have become practical and even vital tools for users. Furthermore, the roaming service of smartphones lets users share their information with others outside the geographical region of the home agent with the aid of a foreign agent. In this paper, we first prove that the previously published schemes in this field are not only vulnerable to some known attacks, such as the replay attack, the insider attack, user, home agent and foreign agent impersonation attacks, and the denial-of-service attack, but also fail to provide some security features such as user anonymity, untraceability, mutual authentication, perfect forward secrecy and session key security. Second, a smart-card-based authentication scheme is presented for global mobility networks, which not only resolves the security weaknesses of the previous schemes but also provides anonymity and mutual authentication among the three entities of user, home agent and foreign agent. Finally, the security and efficiency of the proposed scheme are compared with those of the previously proposed schemes. The results demonstrate that the proposed scheme provides a proper level of both security and efficiency.

Keywords [English]

  • Global mobility networks
  • Roaming
  • Key agreement
  • Mutual authentication
  • Anonymity
  • Untraceability
  • Smart card
  • Biometric
  • Elliptic curve cryptography