Mobile communication network has brought us great convenience. However, network security issues are outstanding increasingly. Authentication is the most essential procedure for preventing illegitimate, unauthorized or insecure devices from making access to the network. Tang and Wu proposed an efficient mobile authentication scheme for wireless networks, and claimed the scheme can effectively defend all known attacks to mobile networks including the denial-of-service attack. This paper strengthens the security of the scheme by authenticating the identity of visited location register such that any adversary cannot obtain the communication key between a mobile user and a service provider, or prevent them from establishing this key. An improvement is proposed to remedy these flaws. Our design is a less strong requirement for a mobile user MS in the communication cost than that of Tang and Wu's.

 

DOI: http://dx.doi.org/10.11591/telkomnika.v11i10.3706

 

elliptic-curve cryptography; mutual authentication; mobile communication; security