원문정보
초록
영어
In wireless environments, the issue of mutual authentication and key agreement with user anonimity is challenging. Recently, Mun et al. proposed an efficient anonymous authentication scheme for roaming services in wireless enviroments. Unfortunately, Kim et al. pointed out that Mun et al.’s anonymous authentication scheme suffers from replay attacks and man-in-the-middle attacks. They propose an improved secure anonymous authentication scheme for roaming services. Kim et al. claimed that their protocol removed the weaknesses of the Mun et al.’s scheme. However, we show that Kim et al.'s scheme fails to achieve anonymity. In addition, Kim et al.'s scheme is vulnerable to replay attacks and impersonation attacks and is impractical in the real-life implementation. We then propose an enhanced privacy-preserving authentication scheme. We demonstrate that our scheme overcomes the aforementioned weaknesses.
목차
1. Introduction
2. Review of Kim-Kwak’s Scheme
2.1. Registration Phase
2.2. Authentication and Key Establishment Phase
2.3. Update Session Key Phase
3. Security Analysis of Kim-Kwak's Scheme
3.1. Unfairness in Key Agreement
3.2. Flaws in Design
3.3. Replay Attack
3.4. Impersonation Attack
3.5. Attacks Against The User’s Anonymity
4. The proposed Scheme
4.1. Registration Phase
4.2. Login Phase
4.3. Authentication Phase
4.4. Password Change Phase
5. Analysis
5.1. Security Analysis
5.2. Performance Analysis
6. Conclusion
Acknowledgements
References