An authentication scheme is one of the most basic and important security mechanisms for satellite communication systems because it prevents illegal access by an adversary. Lee et al. recently proposed an efficient authentication scheme for mobile satellite communication systems. However, we observed that this authentication scheme is vulnerable to a denial of service (DoS) attack and does not offer perfect forward secrecy. Therefore, we propose a novel secure authentication scheme without verification table for mobile satellite communication systems. The proposed scheme can simultaneously withstand DoS attacks and support user anonymity and user unlinkability. In addition, the proposed scheme is based on the elliptic curve cryptosystem, has low client-side and server-side computation costs, and achieves perfect forward secrecy.

KEY WORDS: authentication scheme; denial of service attack (DoS attack); mobile satellite communication systems; user anonymity; user unlinkability
INTRODUCTION

With the rapid development of satellite communication systems [1][2][3][4][5][6][7], an increasing number of mobile users are employing these systems for interpersonal communication. In traditional satellite communication systems, a geostationary satellite in the geosynchronous equatorial orbit (GEO) is responsible for establishing communication channels among mobile users. However, because the distance between the geostationary satellite and the earth is approximately 22,300 miles, such systems suffer from a signal latency problem. Thus, several non-GEO satellite communication systems have been developed, such as low-earth-orbit (LEO) satellite communication systems [3,6,7]. Although LEO satellite communication systems are convenient for mobile users, serious problems result from this convenience. Specifically, the following two satellite communication system problems require resolution:

(1) Security is a basic requirement for satellite communication systems. Messages that are transmitted using satellite communication systems are always transmitted via insecure wireless channels. Thus, adversaries with sufficient resources might be able to modify or interrupt these messages before they reach the intended destination.

(2) Because mobile devices have low computational capacity compared with personal computers, adaptive protocols cannot place high computation demands on the client side. Thus, the majority of security protocols are unsuitable for satellite communication systems because they have heavy computation costs on the mobile user side.

An authentication scheme is crucial for satellite communication systems because it prevents illegal access by an adversary. In LEO satellite communication systems, users are required to register with the network control center (NCC).
Figure 1 shows the general authentication system architecture

C1: User can choose his/her identity; C2: mutual authentication; C3: user anonymity; C4: user unlinkability; C5: without leaking out the secret; C6: prevention of an impersonation attack; C7: prevention of a DoS attack; C8: The N...