Journal
PEER-TO-PEER NETWORKING AND APPLICATIONS
Volume 14, Issue 6, Pages 3619-3633Publisher
SPRINGER
DOI: 10.1007/s12083-021-01194-3
Keywords
Privacy; Mutual authentication; Session key agreement; Desynchronization attack; Location based services; Security
Ask authors/readers for more resources
This article introduces a privacy-preserving user authentication protocol for location-based services based on elliptic curve cryptography, which includes dynamic randomized counters to synchronize the peers.
Preserving user privacy and authenticity are essential requirements for location based services in order to protect user's confidential information from public exposure and provide secure access to various services. Recently, numerous approaches towards these challenges have been proposed. Many of these are based on dynamic update of fixed parameters (such as pseudonym, transaction sequence number, shared key, counter, etc.) along with symmetric/asymmetric key cryptography, and seems promising in dealing with various security related issues such as unlinkability, forward/backward secrecy, replay attack and stolen verifier attack. However, the concept of dynamic update may affect the system performance in case of desynchronization attack as it requires to perform additional computations or user reregistration in order to resynchronize the peers. In this article, we address the problem of desynchronization attack and propose a privacy preserving user authentication protocol for location based services. The proposed protocol is based on elliptic curve cryptography and introduces dynamic randomized counters in order to synchronize the peers. Also, there is no need to resynchronize the peers in case of desynchronization attack. Additionally, there is no timestamp used in construction of the protocol to avoid clock synchronization problem. The security properties of the protocol are validated both formally and informally. Moreover, the safety of the protocol is assured using AVISPA tool based automated simulation. Finally, a performance comparison has been made against some recently proposed approaches to ensure the effectiveness of our protocol in real life implementations.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available