Comments on an anonymous and self-verified mobile authentication with authenticated key agreement for large-scale wireless networks
RIS ID
89153
Abstract
In a recent paper (IEEE Trans. Wireless Commun., vol. 9, no. 11, 2010), Chang and Tsai presented a self-verified mobile authentication scheme for large-scale wireless networks. In this letter, we show that there is a serious security flaw in the key delegation phase of the scheme: two colluding mobile users can retrieve the long-term secret key of their home server without performing any active attacks.We then present a suggestion to fix the problem without losing any features (such as high efficiency and scalability) of the original scheme.
Publication Details
Yang, G. (2011). Comments on an anonymous and self-verified mobile authentication with authenticated key agreement for large-scale wireless networks. IEEE Transactions on Wireless Communications, 10 (6), 2015-2016.