With rapid growth of mobile wireless networks, handheld devices are popularly used by people and many mobile applications have been rapidly developed. Mutual authentication and key agreement are very important security mechanisms in wireless network systems for preventing unauthorized network access, server impersonation attack and malicious attacks of the subsequent session message. Considering the limited computing capability of smart cards or mobile devices, the security scheme design suitable for these mobile devices is a nontrivial challenge. This paper presents an authentication and key agreement mechanism for multi-domain wireless networks using certificateless public key cryptography. Based on the computational Diffie-Hellman assumption and the random oracle model, we show that the proposed scheme is secure against an uncertified user and a malicious registration server simultaneously. As compared with the recently proposed schemes, our scheme enjoys less computational cost on the basis of BLS short signature scheme and has higher security level by exploiting the certificateless public key cryptography system. Moreover, our scheme can be used to mutual authentication and key agreement between members of distinct domains where all the servers use different system parameters. Efficiency analysis of related the security and computation overheads are given to demonstrate that our scheme is well suited for mobile devices with limited computing capability.

• 出版日期2015-3
• 单位南昌大学; 东北大学