Journal
WIRELESS PERSONAL COMMUNICATIONS
Volume 125, Issue 1, Pages 819-839Publisher
SPRINGER
DOI: 10.1007/s11277-022-09579-0
Keywords
Anonymity; Authenticity; Session key agreement; Roaming service; Security
Categories
Ask authors/readers for more resources
This paper proposes a certificate-less anonymous two-factor authentication protocol based on Elliptic Curve Cryptography (ECC). The protocol’s robustness under various security attacks is ensured through formal verification using BAN logic and automated security validation with AVISPA tool.
Due to the infrastructure provided by the GLOobal MObility NETwork, mobile users are able to access many network services anytime and anywhere, even in a roaming environment. Although, a strong authentication scheme with sufficient security requirements is necessary while accessing such services. Recently, Gope et al. discussed a symmetric key based authentication protocol in this regard. However, we find that their protocol exhibits various shortfalls like privileged insider attack, offline password guessing attack, stolen smart card attack, session key compromised attack, unverified login phase, imperfect forward secrecy, improper mutual authentication, excessive database maintenance cost, synchronization problem and no password changing phase. In this article, we put forward a certificate-less anonymous two-factor authentication protocol based on Elliptic Curve Cryptography (ECC). We use BAN logic for formal verification of the protocol. Moreover, the robustness of the protocol under several security attacks is ensured using AVISPA tool-based automated security validation. The proposed protocol can provide increased security and design properties than many other recently existing schemes.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available