Security analysis and enhanced user authentication in proxy mobile IPv6 networks

Kang, Dong-Woo; Jung, Jaewook; Lee, Dong‐Hoon; Kim, Hyoungshick; Won, Dongho

doi:10.1371/journal.pone.0181031

Cited by 8 publications

(8 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The attack that an adversary creates independent connection with the victims and sends messages between them, causing them to think that they are directly talking to each other over local mobility domain while indeed the whole conversation is manipulated by the attacker [ 32 ].…”

Section: Security Threatsmentioning

confidence: 99%

“…A secure password authentication mechanism for seamless handover(SPAM) [ 34 ] is proposed that executes two separate mutual authentications as One is between the MN and the MAG and the other is between the MAG and the LMA. The authors [ 32 , 37 ] analyzed and discussed that this scheme is vulnerable to the critical attacks such as stolen smart card, off-line dictionary, replay and impersonation. These researchers also discussed that an identity of MN and shared session key between MN and MAG can be leaked which may result in violation of anonymity and confidentiality requirements.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

MES-FPMIPv6: MIH-Enabled and enhanced secure Fast Proxy Mobile IPv6 handover protocol for 5G networks*^

et al. 2022

Self Cite

View full text Add to dashboard Cite

Fast Proxy Mobile IPv6 (FPMIPv6) is an extension of the PMIPv6 mobility management deployed as part of the next-generation internet protocol. It allows location-independent routing of IP datagrams, based on local mobility to IPv6 hosts without involvement of stations in the IP address signaling. A mobile node keeps its IP address constant as it moves from link to link, which avoids signaling overhead and latency associated with changing IP address. Even though local mobility requirements hold, it entails security threats such as Mobile Node, Mobile Access Gateway, as well as Local Mobility Anchor impersonation that go beyond those already exist in IPv6. As mobile station keeps moving across different serving networks, its IP remains constant during handover, and location privacy may not also be preserved. Moreover, homogeneous network dependence of PMIPv6 is one of the gaps, which FPMIPv6 could not mitigate. FPMIPv6 does not support heterogeneous network handover, for which numerous researchers have proposed Media Independent Handover (MIH) enabled FPMIPv6 schemes to allow fast handover among heterogeneous networks, but in the absence of security solutions. As a comprehensive solution, we propose a new handover authentication scheme and a key agreement protocol for the ‘MIH-enabled Network Only FPMIPv6’ model. As one of the basic requirements, mobility management should minimize signaling overhead, handover delay and power consumption of the mobile node. The proposed scheme improves wireless link overhead (mobile node overhead) by 6-86% as cell radius, wireless failure probability and number of hop vary. The security of the proposed scheme has also been analyzed under BAN logic and Automated Validation of Internet Security Protocols and Applications (AVISPA) tool and its performance has numerically been evaluated through a pre-determined performance matrix and found to be effective and preferably applicable compared with other schemes.

show abstract

Section: Security Threatsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

MES-FPMIPv6: MIH-Enabled and enhanced secure Fast Proxy Mobile IPv6 handover protocol for 5G networks*^

et al. 2022

Self Cite

View full text Add to dashboard Cite

show abstract

“…In this section, we compare the computational and communication costs for the proposed scheme with those of other related schemes for cloud computing environments. We considered the computational cost and number of 12 Wireless Communications and Mobile Computing communications occurring during the login and authentication process. As described by Kocarev and Lian [37], we consider the execution time of cryptographic operations as follows:…”

Section: Performance Analysismentioning

confidence: 99%

“…In recent years, various user authentication schemes have been proposed [8][9][10][11][12], and user authentication studies using various cryptographic primitives have been proposed to protect a user's personal information in a cloud environment. However, the investigation into such studies has revealed that the level of security is still insufficient to authenticate and manage users in the current cloud computing environment.…”

Section: Introductionmentioning

confidence: 99%

Secure Three‐Factor Anonymous User Authentication Scheme for Cloud Computing Environment

Lee

Kang

Lee

et al. 2021

Wireless Communications and Mobile Computing

Self Cite

View full text Add to dashboard Cite

Cloud computing provides virtualized information technology (IT) resources to ensure the workflow desired by user at any time and location; it allows users to borrow computing resources such as software, storage, and servers, as per their needs without the requirements of complicated network and server configurations. With the generalization of small embedded sensor devices and the commercialization of the Internet of Things (IoT), short- and long-range wireless network technologies are being developed rapidly, and the demand for deployment of cloud computing for IoT is increasing significantly. Cloud computing, together with IoT technology, can be used to collect and analyse large amounts of data generated from sensor devices, and easily manage heterogeneous IoT devices such as software updates, network flow control, and user management. In cloud computing, attacks on users and servers can be a serious threat to user privacy. Thus, various user authentication schemes have been proposed to prevent different types of attacks. In this paper, we discuss the security and functional weakness of the related user authentication schemes used in cloud computing and propose a new elliptic curve cryptography- (ECC-) based three-factor authentication scheme to overcome the security shortcomings of existing authentication schemes. To confirm the security of the proposed scheme, we conducted both formal and informal analyses. Finally, we compared the performance of the proposed scheme with those of related schemes to verify that the proposed scheme can be deployed in the real world.

show abstract

“…In [27], Kang et al proposed an enhanced user authentication scheme in PMIPv6 networks to overcome the shortcomings of the smartcard-based authentication scheme developed by Alizadeh et al [28]. Alizadeh's scheme involves three stages: i) registration phase where a user keys in its password into the smartcard that communicates with the AAA server to register; ii) mutual authentication phase where the smartcard (i.e., MN) and a MAG authenticate each other; and iii) password change phase where the user can change its password in the smartcard and repeat the process.…”

Section: Related Workmentioning

confidence: 99%

Efficient, Secure, and Privacy-Preserving PMIPv6 Protocol for V2G Networks

Eiza

Shi

Marnerides

et al. 2019

IEEE Trans. Veh. Technol.

View full text Add to dashboard Cite

Abstract-To ensure seamless communications between mobile Electric Vehicles (EVs) and EV power supply equipment, support for ubiquitous and transparent mobile IP communications is essential in Vehicle-to-Grid (V2G) networks. However, it initiates a range of privacy-related challenges as it is possible to track connected EVs through their mobile IP addresses. Recent works are mostly dedicated to solving authentication and privacy issues in V2G networks in general. Yet, they do not tackle the security and privacy challenges resulting from enabling mobile IP communications. To address these challenges, this paper proposes an Efficient, Secure and Privacy-preserving Proxy Mobile IPv6 (ESP-PMIPv6) protocol for the protection of mobile IP communications in V2G networks. ESP-PMIPv6 enables authorised EVs to acquire a mobile IPv6 address and access the V2G network in a secure and privacy-preserving manner. While ESP-PMIPv6 offers mutual authentication, identity anonymity and location unlinkability for the mobile EVs, it also achieves authorised traceability of misbehaving EVs through a novel collaborative tracking scheme. Formal and informal security analyses are conducted to prove that ESP-PMIPv6 meets these security and privacy goals. In addition, via a simulated assessment, the ESP-PMIPv6 is proven to achieve low authentication latency, low handover delay, and low packet loss rate in comparison with the PMIPv6 protocol.

show abstract

Security analysis and enhanced user authentication in proxy mobile IPv6 networks

Cited by 8 publications

References 28 publications

MES-FPMIPv6: MIH-Enabled and enhanced secure Fast Proxy Mobile IPv6 handover protocol for 5G networks*^

MES-FPMIPv6: MIH-Enabled and enhanced secure Fast Proxy Mobile IPv6 handover protocol for 5G networks*^

Secure Three‐Factor Anonymous User Authentication Scheme for Cloud Computing Environment

Efficient, Secure, and Privacy-Preserving PMIPv6 Protocol for V2G Networks

Contact Info

Product

Resources

About