Preventing delegation-based mobile authentications from man-in-the-middle attacks

Preventing delegation-based mobile authentications from man-in-the-middle attacks

In this paper, an approach of mutual authentication and key exchange for mobile access, based on the trust delegation and message authentication code, is developed, and a novel nonce-based authentication approach is presented. The proposed protocols can effectively defend all known attacks to mobile...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Computer standards and interfaces 2012-03, Vol.34 (3), p.314-326
Hauptverfasser: Lu, Jian-Zhu, Zhou, Jipeng
Format: Artikel
Sprache:eng
Schlagworte:
Authentication
Computation
Elliptic curve cryptosystem
Failure
Hash based algorithms
Messages
Mobile communication
Mutual authentication
Networks
Protocol (computers)
Security
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:In this paper, an approach of mutual authentication and key exchange for mobile access, based on the trust delegation and message authentication code, is developed, and a novel nonce-based authentication approach is presented. The proposed protocols can effectively defend all known attacks to mobile networks including the denial-of-service attacks and man-in-the-middle attacks. In particular, in contrast to some previous work, our design gives users a chance to set a session key according to users' will, and does not require a mobile user to compute useless hash key chains in the face of HLR-online authentication failures or run the initial authentication protocol before HLR-offline authentication. Moreover, our design enjoys both computation efficiency and communication efficiency as compared to known mobile authentication schemes.
ISSN:0920-5489
1872-7018
DOI:10.1016/j.csi.2011.10.014