Secure Authentication Scheme with Anonymity for Wireless Communications Speaker : Hong-Ji Wei Date :

Outline 1. Introduction 2. Review of Wu et al.’s scheme 3. Weakness of Wu et al.’s scheme 4. Improved Scheme 5. Security Analysis 6. Conclusion 1

1. Introduction 人 In recent years, many authors proposed the anonymous authentication scheme for wireless communications. In 2004, Zhu and Ma proposed an authentication scheme with anonymity for wireless communications. However, in 2006, Lee, Hwang and Laio pointed out that Zhu-Ma’s scheme exists some weaknesses and proposed the improved scheme to overcome these weaknesses in Zhu-Ma’s scheme. 2

1. Introduction In 2008, Wu, Lee and Tsaur pointed out that Lee et al’s scheme still exists weakness of anonymity and backward secrecy. Therefore, they also proposed an improved scheme to improve the weaknesses in Lee et al.’s scheme. In 2009, Zeng et al and Lee et al found out that Wu et al.’s scheme still not protect the anonymity of user. However, they did not propose the scheme to improve it. 3

1. Introduction In 2009, Chang et al. also pointed out that Wu et al’s scheme exists two weaknesses, which failed to achieve the anonymity and prevent impersonation attack. At the same time, they also proposed the improved scheme to overcome these weaknesses. However, it’s unfortunately, their proposed scheme still not efficiently overcome these weaknesses. In this paper, we will analyze Wu et al.’s scheme and propose a secure anonymous authentication scheme to improve the security weaknesses in Wu at al.’s scheme. 4

2. Review of Wu et al.’s scheme Notations MU : Mobile User HA : Home Agent of a mobile user FA : Foreign Agent of the network ID A : Identity of A T A : Timestamp of A Cert A : Certificate of A (X) K : Symmetric Encryption E K (X) : Asymmetric Encryption h(X) : Hash X using hash function PW A : Password of A P A : Public key of A S A : Private key of A 5

2. Review of Wu et al.’s scheme This scheme can be divided into three phases 1. Initial Phase MU registers with HA through secure channel. 2. First Phase FA authenticates MU through HA and establishes a session key with MU. 3. Second Phase MU updates the session key with FA. 6

2. Review of Wu et al.’s scheme Initial Phase MU HA Secure Channel 7

2. Review of Wu et al.’s scheme First Phase MU FAHA 8

2. Review of Wu et al.’s scheme Second Phase In order to enhance the efficiency, while MU stays with the same FA, the new session key k i can be derived from the unexpired previous secret knowledge x i−1 and a fixed secret x as MU FA Session key update 9

3. Weakness of Wu et al.’s scheme Anonymity Attacker MU FAHA 10

3. Weakness of Wu et al.’s scheme Impersonation attack MU FAHA PW MU * Attacker 11

4. Improved scheme Registration Phase MU HA Secure Channel 12

Authentication and establishment session key phase 4. Improved scheme MU FAHA 13

4. Improved scheme Session key update phase In order to enhance the efficiency, while MU stays with the same FA, the new session key k i can be derived from the unexpired previous secret knowledge x i−1 and a fixed secret x as MU FA Session key update 14

Password change phase MU FAHA 4. Improved scheme 15

5. Security Analysis Anonymity Attacker MU FAHA 16

5. Security Analysis Impersonation Attack MU FAHA 17

5. Security Analysis Comparison Table 18

6. Conclusion In this paper, we propose the secure anonymous auth- entication scheme which not only improves the above mentioned weaknesses in Wu et al.’s scheme, but also provides the extra function of changing password for mobile users. From our security analysis, we find out that our proposed scheme indeed can improve all of the weaknesses in Wu et al.’s scheme and also achieve our expected efficiency. 19

Many thanks for your listening 20