User authentication is an imperative mechani sm, especially for recognizing legal roaming users in global mobility networks (GLOMONET). Therefore, it is highly desirable to have a secure mutual authentication and key agreement (MAKA) scheme which can guarantee both the communication security as well as fairness. Here, by communication security, we mean protection against any unauthorized alteration of intercepted data flow. Whereas a fair key agreement protocol specifies that the agreed key contains some contribution from each participant, so that nobody has an unfair advantage in controlling the session key. In 2011, He et al. proposed an enhanced authentication and key agreement scheme with the user anonymity for roaming in GLOMONET environments. In this article, however, we reveal that the authentication and key agreement protocol presented by He et al. can assure neither communication security, nor any fairness in key agreement. Because of that, He et al.'s scheme suffers from certain weaknesses. Accordingly, He et al.'s scheme cannot achieve desired security. Therefore, here we propose a novel authentication mechanism to overcome these weaknesses. Performance analysis shows that our proposed scheme is secure and even more efficient as compared to He et al.'s scheme in GLOMONET.

• 出版日期2016-2