An Anonymous and Self-Verified Mobile Authentication with Authenticated Key Agreement for Large-Scale Wireless Networks

Increasing numbers of mobile users are being allowed to use wireless networks, and universal access is being promoted. In the absent of a single, trusted authentication server, it is a great challenge to ensure the inter-domain security, which makes it feasible for users to migrate into foreign domains. Thus, an authentication mechanism is needed between mobile users and foreign servers, and an authenticated key also is highly desirable to support secure communications in wireless networks. In addition, maintaining the anonymity of users is an important security requirement, such as the information about customers\´s behaviors. Recent research has focused on these issues and has provided definitions and some constructions. Importantly, Tang and Wu proposed an efficient mobile authentication scheme, which they called `\´Efficient Mobilization Authentication Scheme" (EMAS), which enjoys both computational efficiency and communication efficiency that exceed the efficiencies of other recent mobile authentication schemes. Unfortunately, we found out that Tang and Wu\´s scheme does not meet the basic security requirements. Therefore, to develop a more acceptable mobile authentication scheme, we propose a self-verified mobile authentication scheme that has a novel architecture. To provide the better computation efficiency and storage efficiency, our scheme does not require of long-term secret keys on the servers.