In the roaming service system of Global Mobile Networks (GLOMONET), mutual authentication and key agreement (MAKA) protocol is used to identify legitimate roaming users and establish a secure session between users and servers. In recent years, many MAKA protocols are proposed. Among them, the most representative is Gope-Hwang's, which uses the low-cost cryptographic primitives, and hence is more suitable for battery; powered mobile devices. In this paper, we analyze the deficiencies of Gope-Hwang's protocol and propose a novel efficient MAKA protocol with desynchronization for anonymous roaming service in GLOMONET. Gope-Hwang's protocol is lightweight but is susceptible to replay attacks and have a large storage burden. We utilize symmetric encryption to implement dynamic random pseudo-ID, which can achieve anonymity, solve storage burden problem and reach desynchronization. Informal analysis and automated security validation with AVISPA Tool show that our protocol can resist many common attacks such as replay attack, lost smart card attack, forgery attack etc. Moreover, compared to the other four selected protocols in our performance analysis, the efficiency of our protocol outperforms all the other work and is increased by 9.6% than that of Gope-Hwang's.

• 出版日期2018-4-1
• 单位天津大学