An efficient authentication protocol for mobile communications

Lee, Cheng‐Chi; Liao, I‐En; Hwang, Min‐Shiang

doi:10.1007/s11235-009-9276-4

Cited by 17 publications

(18 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Retrofitting Mutual Authentication to GSM [117], [118], [119], [120], [121], [ ? unknown not deployed or deployable partially deployed deployed and known to work from at least one Carrier or by Leaky Implementations, which means that sensitive information can be accessed through unintended side channels.…”

Section: Systematization Overviewmentioning

confidence: 99%

On Security Research Towards Future Mobile Network Generations

Rupprecht

Dabrowski

Holz

et al. 2018

IEEE Commun. Surv. Tutorials

View full text Add to dashboard Cite

Over the last decades, numerous security and privacy issues in all three active mobile network generations have been revealed that threaten users as well as network providers. In view of the newest generation (5G) currently under development, we now have the unique opportunity to identify research directions for the next generation based on existing security and privacy issues as well as already proposed defenses. This paper aims to unify security knowledge on mobile phone networks into a comprehensive overview and to derive pressing open research questions. To achieve this systematically, we develop a methodology that categorizes known attacks by their aim, proposed defenses, underlying causes, and root causes. Further, we assess the impact and the efficacy of each attack and defense. We then apply this methodology to existing literature on attacks and defenses in all three network generations. By doing so, we identify ten causes and four root causes for attacks.Mapping the attacks to proposed defenses and suggestions for the 5G specification enables us to uncover open research questions and challenges for the development of next-generation mobile networks. The problems of unsecured pre-authentication traffic and jamming attacks exist across all three mobile generations. They should be addressed in the future, in particular to wipe out the class of downgrade attacks and, thereby, strengthen the users' privacy. Further advances are needed in the areas of inter-operator protocols as well as secure baseband implementations. Additionally, mitigations against denial-of-service attacks by smart protocol design represent an open research question.

show abstract

Section: Systematization Overviewmentioning

confidence: 99%

On Security Research Towards Future Mobile Network Generations

Rupprecht

Dabrowski

Holz

et al. 2018

IEEE Commun. Surv. Tutorials

View full text Add to dashboard Cite

show abstract

“…The method represents a great reduction in location update and paging costs. Stephan et al [17] in 2010, proposed a new mechanism that registers the location of the mobile station when it resides for a long fixed time in the cell. The mobile station location management scheme was proposed by Jie and Kadhim [14] in 2013, based on the history of movement.…”

Section: Limits Of Mobility Management and The Authentication Mechanimentioning

confidence: 99%

Secure Authentication Approach Based New Mobility Management Schemes for Mobile Communication

Ghazli¹,

Hadj-Said²,

Adda³

2017

J Inf Process Syst

View full text Add to dashboard Cite

Mobile phones are the most common communication devices in history. For this reason, the number of mobile subscribers will increase dramatically in the future. Therefore, the determining the location of a mobile station will become more and more difficult. The mobile station must be authenticated to inform the network of its current location even when the user switches it on or when its location is changed. The most basic weakness in the GSM authentication protocol is the unilateral authentication process where the customer is verified by the system, yet the system is not confirmed by the customer. This creates numerous security issues, including powerlessness against man-in-the-middle attacks, vast bandwidth consumption between VLR and HLR, storage space overhead in VLR, and computation costs in VLR and HLR. In this paper, we propose a secure authentication mechanism based new mobility management method to improve the location management in the GSM network, which suffers from a lot off drawbacks, such as transmission cost and database overload. Numerical analysis is done for both conventional and modified versions and compared together. The numerical results show that our protocol scheme is more secure and that it reduces mobility management costs the most in the GSM network.

show abstract

“…The security and efficiency problems of satellite authentication schemes have motivated us to develop a secure and efficient authentication protocol that is more suitable for mobile satellite communication systems. In general, a secure authentication scheme for satellite communication systems should satisfy the following security requirements : (1) resistance against impersonation attack . A server or a user must have the ability to verify whether the login request is sent from an adversary; (2) resistance against denial of service (DoS) attack .…”

Section: Introductionmentioning

confidence: 99%

“…An adversary who has learned all of the previous authentication messages may attempt to resend these messages during additional authentication processes. In addition, a strong authentication scheme should provide the following functional requirements : (1) provision of mutual authentication . A strong authentication scheme must allow users and servers to authenticate each other; (2) provision of user anonymity .…”

Section: Introductionmentioning

confidence: 99%

Secure anonymous authentication scheme without verification table for mobile satellite communication systems

Tsai

2013

Satell Commun Network

View full text Add to dashboard Cite

An authentication scheme is one of the most basic and important security mechanisms for satellite communication systems because it prevents illegal access by an adversary. Lee et al. recently proposed an efficient authentication scheme for mobile satellite communication systems. However, we observed that this authentication scheme is vulnerable to a denial of service (DoS) attack and does not offer perfect forward secrecy. Therefore, we propose a novel secure authentication scheme without verification table for mobile satellite communication systems. The proposed scheme can simultaneously withstand DoS attacks and support user anonymity and user unlinkability. In addition, the proposed scheme is based on the elliptic curve cryptosystem, has low client-side and server-side computation costs, and achieves perfect forward secrecy.KEY WORDS: authentication scheme; denial of service attack (DoS attack); mobile satellite communication systems; user anonymity; user unlinkability INTRODUCTIONWith the rapid development of satellite communication systems [1][2][3][4][5][6][7], an increasing number of mobile users are employing these systems for interpersonal communication. For traditional satellite communication systems, a geostationary satellite is responsible for establishing communication channels among mobile users in the geosynchronous equatorial orbit (GEO). However, because the distance between the geostationary satellite and the earth is approximately 22,300 miles, it has a signal latency problem. Thus, several non-GEO satellite communication systems have been developed such as low-earth-orbit (LEO) satellite communication systems [3,6,7]. Although LEO satellite communication systems are convenient for mobile users, serious problems result from this convenience. Specifically, the following two satellite communication system problems require resolution: (1) Security is a basic requirement for satellite communication systems. Messages that are transmitted using satellite communication systems are always transmitted via insecure wireless channels. Thus, adversaries with sufficient resources might be able to modify or interrupt these messages before they reach the intended destination. (2) Because mobile devices have low computational capacity compared with personal computers, adaptive protocols cannot place high computation demands on the client side. Thus, the majority of security protocols are unsuitable for satellite communication systems because they have heavy computation costs on the mobile user side.An authentication scheme is very crucial for satellite communication systems because it prevents illegal access by an adversary. In LEO satellite communication systems, users are required to register on the network control center (NCC). Figure 1 shows the general authentication system architecture C1: User can choose his/her identity; C2: mutual authentication; C3: user anonymity; C4: user unlinkability; C5: without leak out secret; C6: prevention of an impersonation attack; C7: prevention of a DoS attack; C8: The N...

show abstract

An efficient authentication protocol for mobile communications

Cited by 17 publications

References 21 publications

On Security Research Towards Future Mobile Network Generations

On Security Research Towards Future Mobile Network Generations

Secure Authentication Approach Based New Mobility Management Schemes for Mobile Communication

Secure anonymous authentication scheme without verification table for mobile satellite communication systems

Contact Info

Product

Resources

About