Numerous schemes of mobile authentication have been introduced in recent years for roaming environment. Attaining of mutual authentication connecting a mobile user and a visited location register within wireless networks is a serious concern of security. A scheme of trust-delegation based efficient mobile authentication (EMAS) was introduced which is untouchable to all recognized attacks together with the DoS attack, the attack of message en route and the attack of false base station. The introduced scheme necessitates considerably less communications while the working out overhead is also kept small and by means of trust delegation, a mobile station shares a secret with its home location register. The advantage of using of trust delegation on mobile authentication is that a scheme can make use of the public-key based tough security properties although achieving effectiveness in communication. Since the introduced scheme permits a visited location register to validate a mobile station at the very opening in the protocol execution, a DoS attack on a home location register all the way through a VLR can be prohibited.
Keywords: Mobile authentication, DoS attack, Visited location register, Trust delegation.
1. INTRODUCTION:
Rapid expansion of wireless networks is steadily changing the way like validation of mobile stations which is a serious unease intended for many emerging application. Mobile users can access the services which are provided by means of a foreign network all the way through roaming technology [4]. There is no trustworthy authentication server accessible to mobile users out of its home network. A mutual authentication and key exchange protocols was introduced by using secret splitting principle. A delegation-based authentication protocol was introduced for use in system of portable communication. Seamless inter-network function is extremely desirable to mobile users, and security such as authentication of mobile stations is demanding in this type of networks [8]. A mobile station out of its home network desires to be authenticated to be endorsed to access a visited network; on the other hand, in general there is no trustworthy authentication server available to the mobile station out of its home network. Attaining of mutual authentication connecting a mobile user and a visited location register within wireless networks is a serious concern of security. A Kerberos-like scheme was introduced for mobile authentication, and the scheme attain mutual authentication among a mobile station and a visited location register [1]. The scheme suffers from denial-of-service attacks that are aimed at a home register. Public key cryptosystems have been applied for mobile authentication within wireless networks. A blind signature was applied to intend a scheme of privacy protection for mobile stations which moreover provides mobile station authentication in addition to access authorization. A scheme of trust delegation based was introduced where a mobile station that is registered to a home location register or home network confirms its registration towards a visited location register [11]. The scheme makes use of the hash chain technique as well as trust delegation to authenticate mobile stations intended for successive sessions.
2. METHODOLOGY:
Trust delegation has been examined in the context of proxy signature. When the delegation is built ahead the intractability of discrete logarithm problem over restricted field, a smart-card description of was introduced and proven to be reducible to discrete logarithm difficulty when impersonation attack is disturbed [3]. The important advantage of using of trust delegation on mobile authentication is that a scheme can make use of the public-key based tough security properties although achieving effectiveness in communication in addition to computation all the way through the usage of a single symmetric key. Mobile station in such a scheme does not necessitate having its personal private key; therefore there is no incurred safety complication and transparency on public-key certificate distribution which is mainly expensive in a mobile environment [14]. It was assumed that any message among a mobile station and its home register has to go all the way through a visited location register. It was assumed that the connected communications outlay by means of the channel from a mobile station to a visited location register has a high communication outlay when compared to the channel from a visited location register to a mobile station and all former communications links are symmetric [9]. The home register of a mobile station is assumed to contain a communication link to the visited location register that is to serve the mobile station. One instance of such a link could be recognized by means of a close-circuit proprietary network infrastructure shown in fig1. There are four entities such as mobile station, visited location register, home location register and a trustworthy authentication server [7]. A link by means of a mark ”?? indicates that there is no direct communication connection among these two end entities. Home location register is able to access authentication server, so does visited location register. There exists a communications association connecting visited location register and home location register [2]. Based on the communications model, in view of the fact that both visited location register and home location register have access to authentication server, they can set up a secure channel among them.
3. AN OVERVIEW OF EFFICIENT MOBILE AUTHENTICATION SCHEME:
To spotlight on mobile authentication, it was initially assumed that an authentication scheme is obtainable to authenticate a visited location register and a home location register, and there are numerous of such type of authentication schemes. A scheme of trust-delegation based efficient mobile authentication (EMAS) was introduced which is untouchable to all recognized attacks together with the DoS attack, the attack of message en route and the attack of false base station [15]. Subsequent to initialization, the delegation working out at a mobile station in EMAS engages only a particular scalar point multiplication process. Besides of well-organized process for EMAS, this scheme merely requires two messages on a mobile station while existing schemes necessitate four messages or three messages key agreement provided that a mobile station and a home location register are harmonized in advance [12]. The introduced scheme necessitates considerably less communications while the working out overhead is also kept small. In the scheme, by means of trust delegation, a mobile station shares a secret with its home location register. A mobile station in the scheme initially signs a message in a comparable fashion as that intended for trust delegation and sends it to a visited location register so that it can confirm the strength of the delegation based on a public certificate published by means of home location register for this mobile station [5]. Hence the visited location registers able to validate a mobile station (VLR). Subsequent to the verification, the VLR forwards the request of service to the home location register which can subsequently forward the communication key to it following the shared secret is verified [10]. A novel mobile authentication scheme EMAS, enjoys both computation effectiveness in addition to communication efficiency. A smart-card delegation scheme was extended to a delegation method based on the problem of elliptic curve discrete logarithm and this delegation scheme is agreeable to fast functioning and it is used for the introduced mobile authentication to attain great communication effectiveness with a short key length and a tough level of security [6]. A malicious mobile station has to go all the way through a VLR to go through the network, and this mobile station is one hop away from it, a DoS attack on an home location register can be prevented in view of the fact that it can be prevented from entering the network and seems to be trickier on VLR since it is merely one-hop away from mobile stations [13]. EMAS does not necessitate a particular visited location register to forward the service request the introduced scheme is also invulnerable to the attacks focused on false base station attack. Revocation of delegation to a mobile station in the introduced scheme can be merely accomplished at home location register as it can make sure the reliability of the communication key in EMAS. Since the introduced scheme permits a visited location register to validate a mobile station at the very opening in the protocol execution, a DoS attack on a home location register all the way through a VLR can be prohibited. When a false visited location register colludes with a mobile station, a home location register can outline the DoS traffic sources back to the fake VLR, and this render the attack much less effective.
Fig1: An overview of communication model.
4. CONCLUSION:
A novel mobile authentication scheme EMAS, enjoys both computation effectiveness in addition to communication efficiency. A mobile station in the scheme initially signs a message in a comparable fashion as that intended for trust delegation and sends it to a visited location register so that it can confirm the strength of the delegation based on a public certificate published by means of home location register for this mobile station. Since EMAS does not necessitate a particular visited location register to forward the service request the introduced scheme is also invulnerable to the attacks focused on false base station attack.
REFERENCES:
[1] W.-B. Lee and C.-K. Yeh, ‘A new delegation-based authenticationprotocol for use in portable communication systems,’ IEEE Trans. Wireless Commun., vol. 4, no. 1, pp. 57’64, 2005.
[2] (2000) TR 33.902: Formal analysis of the 3g authentication protocol. Third Generation Partnership Project – Authentication and Key Agreement (AKA)
[3] Y. Jiang, C. Lin, X.Shen, and M. Shi, Mutual authentication and key exchange protocols for roaming services in wireless mobile networks, IEEE Transactions on Wireless Communications, vol.5, no. 9, pp.2569-2577, 2006.
[4] J. van der Merwe, D. Dawoud, S. Mcdonald, A survey on peer-to-peer key management for mobile ad hoc networks, ACM Computing Surveys, vol.39, no.1, pp.1-45, 2007
[5] R. Molva, D. Samfat, G. Tsudik, ‘Authentication of mobile users,’ IEEE Network Special Issue on Mobile Communications vol.8, no. 2, pp.26-34, 1994.
[6] W.-B. Lee, C.-K. Yeh, A new delegation-based authentication protocol for use in portable communication systems, IEEE Transactions on Wireless Communications, vol.4, no.1, pp.57-64, 2005.
[7] B. Lee, H. Kim, and K. Kim, ‘Secure mobile agent using strong nondesignated proxy signature,’ in LNCS 2119). Springer-Verlag, 2001, pp. 474’486.
[8] C. Tang and D. O. Wu, Mobile privacy in wireless networks revisited, IEEE Transactions on Wireless Communications, vol.7, no.3, pp.1035-1042.
[9] T. Okamoto, M. Tada, E. Okamoto, Extended proxy signature for smart card, in LNCS 1729. Spinger-Verlag, 1999, pp. 247-258.
[10] C. Tang and D. O. Wu, An efficient mobile authentication for wireless networks, IEEE Transactions on Wireless Communications, vol.7, no.4, pp.1408- 1416, 2008.
[11] R. M. Needham and M. D. Schroeder, ‘Using encryption for authentication in large networks of computers,’ Communications of the ACM,
vol. 21, no. 12, pp. 993’999, Dec. 1978.
[12] D. Hankerson, J. L. Hernandez, and A. Menezes, ‘Software implementation of elliptic curve cryptography over binary fields,’ in Proc. of CHES 2000 (LNCS 1965). Springer-Verlag, 2000, pp. 1’24.
[13] D. Samfat, R. Molva, and N. Asokan, ‘Untraceability in mobile networks,’ in Proc. of International Conference on Mobile Computing and Networking, 1995, pp. 26’36.
[14] A. Evans, W. Kantrowitz, and W. Weiss, ‘A user authentication scheme not requiring secrecy in the computer,’ Communications of the ACM,
vol. 17, no. 8, pp. 437’442, Aug. 1974.
[15] M. Zhang and Y. Fang, ‘Security analysis and enhancements of 3GPP authentication and key agreement protocol,’ IEEE Trans. Wireless Commun., vol. 4, no. 2, pp. 734’742, Mar. 2005.