Cryptanalysis of an Anonymous Mutual Authentication Scheme for Secure Inter-device Communication in Mobile Networks
Anonymous authentication allows one entity to be authenticated by the other without revealing the identity information. In mobile networks, mobile devices communicate with each other to exchange resources. To achieve anonymous mutual authentication, the devices are anonymously authenticated under the trusted server. Recently, Chung et al. proposed a efficient anonymous mutual authentication scheme for inter-device communication using only low-cost functions, such as hash functions and exclusive-or operations. However, we find that their protocol does not preserve user’s privacy in terms of untraceability. Also, their protocol is vulnerable to a denial of service attack and a user impersonation attack.
KeywordsAnonymity Mutual authentication Privacy Mobile network
The work of Chien-Ming Chen was supported in part by the Project NSFC (National Natural Science Foundation of China) under Grant number 61402135 and in part by Shenzhen Strategic Emerging Industries Program under Grants No. ZDSY20120613125016389.
- 1.Zhang, Z., Yang, K., Hu, X., Wang, Y.: Practical anonymous password authentication and tls with anonymous client authentication. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 1179–1191. ACM (2016)Google Scholar
- 3.Tsang, P.P., Smith, S.W.: Ppaa: peer-to-peer anonymous authentication. In: International Conference on Applied Cryptography and Network Security, pp. 55–74. Springer (2008)Google Scholar
- 7.Chen, C.M., Fang, W., Wang, K.H., Wu, T.Y.: Comments on an improved secure and efficient password and chaos-based two-party key agreement protocol. Nonlinear Dyn. 87, 1–3 (2016)Google Scholar
- 8.Chen, C.M., Xu, L., Wu, T.Y., Li, C.R.: On the security of a chaotic maps-based three-party authenticated key agreement protocol. J. Netw. Intell. 2, 61–65 (2016)Google Scholar
- 10.Chen, C.M., Chen, S.M., Zheng, X., Yan, L., Wang, H., Sun, H.M.: Pitfalls in an ecc-based lightweight authentication protocol for low-cost rfid. J. Inf. Hiding Multimedia Sig. Process. 5(4), 642–648 (2014)Google Scholar
- 13.Wang, E.K., Cao, Z., Wu, T.Y., Chen, C.M.: Mapmp: a mutual authentication protocol for mobile payment. J. Inf. Hiding Multimedia Sig. Process. 6(4), 697–707 (2015)Google Scholar
- 15.Farash, M.S., Chaudhry, S.A., Heydari, M., Sadough, S., Mohammad, S., Kumari, S., Khan, M.K.: A lightweight anonymous authentication scheme for consumer roaming in ubiquitous networks with provable security. Int. J. Commun. Syst. (2015)Google Scholar
- 16.Chung, Y., Choi, S., Won, D.: Anonymous mutual authentication scheme for secure inter-device communication in mobile networks. In: International Conference on Computational Science and Its Applications, pp. 289–301. Springer (2016)Google Scholar