Anonymous and authenticated key exchange for roaming networks

User privacy is a notable security issue in wireless communications. It concerns about user identities from being exposed and user movements and whereabouts from being tracked. The concern of user privacy is particularly signified in systems which support roaming when users are able to hop across ne...

Full description

Saved in:
Bibliographic Details
Main Authors: YANG, Guomin, WONG, Duncan S., DENG, Xiaotie
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2007
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/7402
https://ink.library.smu.edu.sg/context/sis_research/article/8405/viewcontent/Anonymous_and_Authenticated_Key_Exchange20160206_25255_411v86_with_cover_page_v2.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-8405
record_format dspace
spelling sg-smu-ink.sis_research-84052022-10-13T07:12:50Z Anonymous and authenticated key exchange for roaming networks YANG, Guomin WONG, Duncan S. DENG, Xiaotie User privacy is a notable security issue in wireless communications. It concerns about user identities from being exposed and user movements and whereabouts from being tracked. The concern of user privacy is particularly signified in systems which support roaming when users are able to hop across networks administered by different operators. In this paper, we propose a novel construction approach of anonymous and authenticated key exchange protocols for a roaming user and a visiting server to establish a random session key in such a way that the visiting server authenticates the user's home server without knowing exactly who the user is. A network eavesdropper cannot find out the user's identity either (user anonymity). In addition, visited servers cannot track the roaming user's movements and whereabouts even they collude with each other (user untraceability). Our construction approach is generic and built upon provably secure two-party key establishment protocols. Merits of our generic protocol construction include eliminating alias synchronization between the user and the home server, supporting joint key control, and not relying on any special security assumptions on the communication channel between the visiting server and the user's home server. Our protocol can also be implemented efficiently. By piggybacking some message flows, the number of message flows between the roaming user and the visiting server is only three. As of independent interest, we describe a new practical attack called deposit-case attack and show that some previously proposed protocols are vulnerable to this attack. 2007-09-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/7402 info:doi/10.1109/TWC.2007.06020042 https://ink.library.smu.edu.sg/context/sis_research/article/8405/viewcontent/Anonymous_and_Authenticated_Key_Exchange20160206_25255_411v86_with_cover_page_v2.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Anonymity untraceability privacy authenticated key exchange roaming Information Security OS and Networks
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Anonymity
untraceability
privacy
authenticated key exchange
roaming
Information Security
OS and Networks
spellingShingle Anonymity
untraceability
privacy
authenticated key exchange
roaming
Information Security
OS and Networks
YANG, Guomin
WONG, Duncan S.
DENG, Xiaotie
Anonymous and authenticated key exchange for roaming networks
description User privacy is a notable security issue in wireless communications. It concerns about user identities from being exposed and user movements and whereabouts from being tracked. The concern of user privacy is particularly signified in systems which support roaming when users are able to hop across networks administered by different operators. In this paper, we propose a novel construction approach of anonymous and authenticated key exchange protocols for a roaming user and a visiting server to establish a random session key in such a way that the visiting server authenticates the user's home server without knowing exactly who the user is. A network eavesdropper cannot find out the user's identity either (user anonymity). In addition, visited servers cannot track the roaming user's movements and whereabouts even they collude with each other (user untraceability). Our construction approach is generic and built upon provably secure two-party key establishment protocols. Merits of our generic protocol construction include eliminating alias synchronization between the user and the home server, supporting joint key control, and not relying on any special security assumptions on the communication channel between the visiting server and the user's home server. Our protocol can also be implemented efficiently. By piggybacking some message flows, the number of message flows between the roaming user and the visiting server is only three. As of independent interest, we describe a new practical attack called deposit-case attack and show that some previously proposed protocols are vulnerable to this attack.
format text
author YANG, Guomin
WONG, Duncan S.
DENG, Xiaotie
author_facet YANG, Guomin
WONG, Duncan S.
DENG, Xiaotie
author_sort YANG, Guomin
title Anonymous and authenticated key exchange for roaming networks
title_short Anonymous and authenticated key exchange for roaming networks
title_full Anonymous and authenticated key exchange for roaming networks
title_fullStr Anonymous and authenticated key exchange for roaming networks
title_full_unstemmed Anonymous and authenticated key exchange for roaming networks
title_sort anonymous and authenticated key exchange for roaming networks
publisher Institutional Knowledge at Singapore Management University
publishDate 2007
url https://ink.library.smu.edu.sg/sis_research/7402
https://ink.library.smu.edu.sg/context/sis_research/article/8405/viewcontent/Anonymous_and_Authenticated_Key_Exchange20160206_25255_411v86_with_cover_page_v2.pdf
_version_ 1770576332357369856