Volume 13, Number 5

Privacy-Preserving Authentication Scheme for Roaming Service in Global Mobility Networks


Sung Woon Lee1 and Hyunsung Kim2, 3, 1Tongmyong University, Korea, 2University of Malawi, Malawi, 3Kyungil University, Korea


With the rapid development of mobile intelligent technologies and services, users can freely experience ubiquitous services in global mobility networks. It is necessary to provide authentications and protection to the privacy of mobile users. Until now, many authentication and privacy schemes were proposed. However, most of the schemes have been exposed to some security problems. Recently, Madhusudhan and Shashidhara (M&S) proposed a lightweight authentication scheme, denoted as the M&S scheme, for roaming services in global mobility networks. This paper shows that the M&S scheme has security flaws including two masquerading attacks and a mobile user trace attack. After that, we propose a privacypreserving authentication scheme for global mobility networks. The proposed scheme not only focused on the required security but also added privacy concerns focused on anonymity based on a dynamic pseudonym, which is based on exclusive-or operation, hash operation and symmetric key cryptography. Formal security analysis is performed based on Burrow-Abadi-Needdham (BAN) logic and the ProVerif tool, which concludes that the proposed scheme is secure. The analysis shows that the proposed authentication scheme is secure and provides privacy with a reasonable performance.


Authentication, Communication System Security, Global Mobility Network, Health Information management, Privacy.