User Authentication Based on Trusted Computing and CPK for Mobile Terminal in HWN

In this paper, the security of user domain including mobile terminal (MT) and user in heterogeneous wireless networks (HWN) are paid more attention. We introduce the trusted platform module (TPM) to ensure the terminal trustworthiness, while password, fingerprint and smartcard guarantee userpsilas identity. MT, user, and smartcard have been regarded as three separated entities, as well as the user including the owner and operator of MT have been distinguished. With the combination of TPM and CPK, the proposed scheme can implement TPM off-line identity attestation. A mutual authentication scheme among user/smartcard/MT is proposed to improve the security of the user domain and provide enhanced end-to-end security for MT to resist potential attacks from MT to user and resist possible attacks in HWN. The security and performance analyses show security, computation overhead and efficiency of this proposed scheme are enhanced.