Anonymity and Untraceability Assessment of Authentication Protocols in Proxy Mobile IPv6

Alizadeh, Mojtaba; Baharun, Sabariah; Zamani, Mazdak; Khodadadi, Touraj; Darvishi, Mahdi; Gholizadeh, Somayyeh; Ahmadi, Hossein

doi:10.11113/jt.v72.3936

Cited by 9 publications

(4 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This section discusses the security strengths of the authentication methods in the PMIPv6 using the assumption that smart cards are not exactly free from tampering. The suitable authentication method should fulfill some security and privacy criteria such as anonymity, mutual authentication, session key secrecy, and user unlinkability [ 10 – 15 ]. Furthermore, authentication schemes should secure enough against some security attacks such as session hijacking, denial of service, impersonation, replay, password guessing, man-in-the-middle, stolen-verifier, and eavesdropping attacks [ 16 – 24 ].…”

Section: Security Issues Of the Spam Methodsmentioning

confidence: 99%

Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks"

et al. 2015

Self Cite

View full text Add to dashboard Cite

Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes’ participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.’s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.’s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

show abstract

Section: Security Issues Of the Spam Methodsmentioning

confidence: 99%

Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks"

et al. 2015

Self Cite

View full text Add to dashboard Cite

show abstract

“…However, SPAM is susceptible to the replay and malicious-insider attacks, and it does not provide protection against the compromise of a single node [ 10 ]. Also SPAM has several vulnerabilities which is susceptible to impersonation attack and password guessing attack, ignore the MAG and LMA anonymity [ 11 ]. To complement with these security drawbacks, Alizadeh et al proposed a new authentication scheme with revocation process in 2015 [ 12 ].…”

Section: Introductionmentioning

confidence: 99%

Security analysis and enhanced user authentication in proxy mobile IPv6 networks

et al. 2017

View full text Add to dashboard Cite

The Proxy Mobile IPv6 (PMIPv6) is a network-based mobility management protocol that allows a Mobile Node(MN) connected to the PMIPv6 domain to move from one network to another without changing the assigned IPv6 address. The user authentication procedure in this protocol is not standardized, but many smartcard based authentication schemes have been proposed. Recently, Alizadeh et al. proposed an authentication scheme for the PMIPv6. However, it could allow an attacker to derive an encryption key that must be securely shared between MN and the Mobile Access Gate(MAG). As a result, outsider adversary can derive MN’s identity, password and session key. In this paper, we analyze Alizadeh et al.’s scheme regarding security and propose an enhanced authentication scheme that uses a dynamic identity to satisfy anonymity. Furthermore, we use BAN logic to show that our scheme can successfully generate and communicate with the inter-entity session key.

show abstract

“…The security of authentication is vital because of numerous security threats. Therefore, secure authentication schemes for SIP protocol are becoming popular nowadays .…”

Section: Introductionmentioning

confidence: 99%

A provably secure anonymous authentication scheme for Session Initiation Protocol

Chaudhry

Khan

Irshad

et al. 2016

Security Comm Networks

View full text Add to dashboard Cite

Recently, Lu et al. presented a mutual authentication scheme for Session Initiation Protocol. Lu et al. claimed their scheme provides safeguard against familiar attacks and offers efficient authentication facility. However, this paper divulges that the scheme of Lu et al. is prone to server and user impersonation attacks. Additionally, the scheme of Lu et al. implicates correctness concerns. Consequently, an enhanced scheme is proposed, not only to resolve correctness concerns but also to provide robustness against server and user impersonation attacks. The proposed scheme makes use of a user‐specific secret parameter to deal with the security and correctness issues. The formal and informal security analysis proves the robustness and efficiency of the proposed scheme against all familiar attacks. Furthermore, security analysis is also substantiated through popular automated tool PROVERIF. Copyright © 2016 John Wiley & Sons, Ltd.

show abstract

Anonymity and Untraceability Assessment of Authentication Protocols in Proxy Mobile IPv6

Cited by 9 publications

References 31 publications

Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks"

Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks"

Security analysis and enhanced user authentication in proxy mobile IPv6 networks

A provably secure anonymous authentication scheme for Session Initiation Protocol

Contact Info

Product

Resources

About