14,909 research outputs found
Security Analysis and Improvement of an Anonymous Authentication Scheme for Roaming Services
An anonymous authentication scheme for roaming services in global mobility networks allows a mobile user visiting a foreign network to achieve mutual authentication and session key establishment with the foreign-network operator in an anonymous manner. In this work, we revisit He et al.’s anonymous authentication scheme for roaming services and present previously unpublished security weaknesses in the scheme: (1) it fails to provide user anonymity against any third party as well as the foreign agent, (2) it cannot protect the passwords of mobile users due to its vulnerability to an offline dictionary attack, and (3) it does not achieve session-key security against a man-in-the-middle attack. We also show how the security weaknesses of He et al.’s scheme can be addressed without degrading the efficiency of the scheme
Recommended from our members
Ubiquitous Internet in an integrated satellite-terrestrial environment: The SUITED solution
yesThe current Internet architecture appears to
not be particularly suited to addressing the
emerging needs of new classes of users who wish
to gain access to multimedia services made available
by ISPs, regardless of their location, while
in motion and with a guaranteed level of quality.
One of the main objectives of so-called nextgeneration
systems is to overcome the limitations
of todayÂżs available Internet by adopting an
approach based on the integration of different
mobile and fixed networks. The SUITED project
moves in this direction since it aims at contributing
to the design and deployment of the global
mobile broadband system (GMBS), a unique
satellite/terrestrial infrastructure ensuring
nomadic users access to Internet services with a
negotiated QoS. A description of the main features
of the GMBS architecture, characterized
by the integration of a multisegment access network
with a federated ISP network is given in
this article. The GMBS multimode terminal is
schematically described, and an overview of the
so-called QoS-aware mobility management
scheme, devised for such a heterogeneous scenario,is provided
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
- …