Secure Authentication Scheme with Anonymity for Wireless Communications

1. Secure Authentication Scheme with Anonymity for Wireless Communications Speaker : Hong-Ji Wei Date : 2012-12-08

2. Outline 1. Introduction 2. Review of Wu et al.’s scheme 3.Weakness of Wu et al.’s scheme 4.Improved Scheme 5.Security Analysis 6. Conclusion

3. 1. Introduction 人 • In recent years, many authors proposed the anonymous authentication scheme for wireless communications. • In 2004, Zhu and Ma proposed an authentication scheme with anonymity for wireless communications. However, in 2006, Lee, Hwang and Laio pointed out that Zhu-Ma’s scheme exists some weaknesses and proposed the improved scheme to overcome these weaknesses in Zhu-Ma’s scheme.

4. 1. Introduction • In 2008, Wu, Lee and Tsaur pointed out that Lee et al’s scheme still exists weakness of anonymity and backward secrecy. Therefore, they also proposed an improved scheme to improve the weaknesses in Lee et al.’s scheme. • In 2009, Zeng et al and Lee et al found out that Wu et al.’s scheme still not protect the anonymity of user. However, they did not propose the scheme to improve it.

5. 1. Introduction • In 2009, Chang et al. also pointed out that Wu et al’s scheme exists two weaknesses, which failed to achieve the anonymity and prevent impersonation attack. At the same time, they also proposed the improved scheme to overcome these weaknesses. However, it’s unfortunately, their proposed scheme still not efficiently overcome these weaknesses. • In this paper, we will analyze Wu et al.’s scheme and propose a secure anonymous authentication scheme to improve the security weaknesses in Wu at al.’s scheme.

6. 2. Review of Wu et al.’s scheme MU : Mobile User HA : Home Agent of a mobile user FA : Foreign Agent of the network IDA: Identity of A TA : Timestamp of A CertA : Certificate of A (X)K : Symmetric Encryption EK(X) : Asymmetric Encryption h(X) : Hash X using hash function PWA : Password of A PA: Public key of A SA: Private key of A • Notations

7. 2. Review of Wu et al.’s scheme • This scheme can be divided into three phases • Initial Phase MU registers with HA through secure channel. • First Phase FA authenticates MU through HA and establishes a session key with MU. • Second Phase MU updates the session key with FA.

8. 2. Review of Wu et al.’s scheme HA MU Secure Channel Secure Channel • Initial Phase

9. 2. Review of Wu et al.’s scheme FA HA MU • First Phase

10. 2. Review of Wu et al.’s scheme • In order to enhance the efficiency, while MU stays with the same FA, the new session key ki can be derived from the unexpired previous secret knowledge xi−1 and a fixed secret x as FA MU Session key update • Second Phase

11. 3. Weakness of Wu et al.’s scheme FA HA MU Attacker • Anonymity

12. 3. Weakness of Wu et al.’s scheme FA HA MU Attacker PWMU* • Impersonation attack

13. 4. Improved scheme HA MU Secure Channel Secure Channel • Registration Phase

14. 4. Improved scheme FA HA MU • Authentication and establishment session key phase

15. 4. Improved scheme • In order to enhance the efficiency, while MU stays with the same FA, the new session key ki can be derived from the unexpired previous secret knowledge xi−1 and a fixed secret x as FA MU Session key update • Session key update phase

16. 4. Improved scheme FA HA MU • Password change phase

17. 5. Security Analysis FA HA MU Attacker • Anonymity

18. 5. Security Analysis FA HA MU • Impersonation Attack

19. 5. Security Analysis • Comparison Table

20. 6. Conclusion • In this paper, we propose the secure anonymous auth-entication scheme which not only improves the above mentioned weaknesses in Wu et al.’s scheme, but also provides the extra function of changing password for mobile users. • From our security analysis, we find out that our proposed scheme indeed can improve all of the weaknesses in Wu et al.’s scheme and also achieve our expected efficiency.

21. Many thanks for your listening