Abstract
Authentication protocols with anonymity attracted wide attention since they could protect users’ privacy in wireless communications. Recently, Hsieh and Leu proposed an anonymous authentication protocol based on elliptic curve Diffie–Hellman problem for wireless access networks and claimed their protocol could provide anonymity. However, by proposing a concrete attack, we point out that their protocol cannot provide user anonymity. To overcome its weakness, we propose an improved protocol. We also provide an analysis of our proposed protocol to prove its superiority, even though its computational cost is slightly higher.
References
Juang, W., Lei, C., & Chang, C. (1999). Anonymous channel and authentication in wireless communications. Computer Communications, 22, 1502–1511.
Rahman, M., & Imai, H. (2002). Security in wireless communication. Wireless Personal Communications, 22(2), 213–228.
Harn, L., & Lin, H. (1993). Authentication in wireless communications. In IEEE Global Telecommunications Conference (GLOBECOM ’93) (pp. 550–554).
Barbancho, A., & Peinado, A. (2003). Cryptanalysis of anonymous channel protocol for large-scale area in wireless communications. Computer Networks, 43, 777–785.
Lee, C., Hwang, M., & Liao, I. (2006). Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE Transactions on Industrial Electronics, 53(5), 1683–1687.
Peinado, A. (2004). Privacy and authentication protocol providing anonymous channels in GSM. Computer Communications, 27, 1709–1715.
Lin, W., & Jan, J. (2001). A wireless-based authentication and anonymous channels for large scale area. In Proceedings of the IEEE symposium on computers and communications, 2001 (pp. 36–41).
Fathi, H., Shin, S., Kobara, K., & Imai, H. (2007) Protocols for authenticated anonymous communications. In 18th International symposium on personal, indoor and mobile radio, communications (PIMRC07) (pp. 1–5).
He, D. (2012). Cryptanalysis of an authenticated key agreement protocol for wireless mobile communications. ETRI Journal, 34(3), 482–484.
Zhu, J., & Ma, J. (2004). A new authentication scheme with anonymity for wireless environments. IEEE Transactions on Consumer Electronics, 50(1), 231–235.
Lee, C., Chang, C., & Lin, C. (2005). User authentication with anonymity for global mobility networks. In 2th Asia pacific conference on mobile technology, applications and systems (pp. 1–5).
Chen, Y., Chuang, S., Yeh, L., & Huang, J. (2011). A practical authentication protocol with anonymity for wireless access networks. Wireless Communications and Mobile Computing, 11, 1366–1375.
Yang, C., Tang, Y., Wang, R., & Yang, H. (2005). A secure and efficient authentication protocol for anonymous channel in wireless communications. Applied Mathematics and Computation, 169(2), 1431–1439.
Hsieh, W., & Leu, J. (2012). Anonymous authentication protocol based on elliptic curve Diffie–Hellman for wireless access networks. Wireless Communications and Mobile Computing, doi:10.1002/wcm.2252.
Koblitz, N. (1987). Elliptic curve cryptosystems. Mathematics of Computation, 48, 203–209.
Burrows, M., Abadi, M., & Needham, R. (1990). A logic of authentication. ACM Transaction on Computer System, 8(1), 18–36.
He, D., & Wu, S. (2012). Security flaws in a smart card based authentication scheme for multi-server environment. Wireless Personal Communications, doi:10.1007/s11277-012-0696-1.
Li, X., Xiong, Y., Ma, J., & Wang, W. (2012). An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards. Journal of Network and Computer Applications, 35(2), 763–769.
Wang, B., & Ma, M. (2012). A smart card based efficient and securedmulti-server authentication scheme. Wireless Personal Communications, doi:10.1007/s11277-011-0456-7.
Kocher, P., Jaffe, J., & Jun, J. (1999) Differential power analysis. In Proceedings of advances in cryptology (CRYPTO 99) (pp. 388–397).
Messerges, T., Dabbish, E., & Sloan, R. (2002). Examining smart- card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.
Li, C., Hwang, M., & Chung, Y. (2008). A secure and efficient communication scheme with authenticated key establishment and privacy preserving for vehicular ad hoc networks. Computer Communication, 31, 2803–2814.
Acknowledgments
The authors thank Prof. R. Prasad and the anonymous reviewers for their valuable comments. This research was supported by the Open Funds of State Key Laboratory of Information Security (No. 2013-3-3) and the Specialized Research Fund for the Doctoral Program of Higher Education of China (No. 20110141120003).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
He, D., Zhang, Y. & Chen, J. Cryptanalysis and Improvement of an Anonymous Authentication Protocol for Wireless Access Networks. Wireless Pers Commun 74, 229–243 (2014). https://doi.org/10.1007/s11277-013-1282-x
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-013-1282-x