An Improved Delegation-Based Authentication Protocol for PCSs

Authors

  • Cheng Chi Lee Department of Library and Information Science Fu Jen Catholic University
  • Rui Xiang Chang Department of Photonics & Communication Engineering Asia University
  • Te Yu Chen Department of Information Networking Technology Hsiuping University of Science and Technology
  • Lung Albert Chen Department of Multimedia Information Science and Applications Asia University

DOI:

https://doi.org/10.5755/j01.itc.41.3.857

Keywords:

authentication, delegation-based authentication, portable communication systems, user anonymity, perfect forward secrecy, roaming, public-key

Abstract

A new delegation-based authentication protocol was proposed by Lee and Yeh in 2005, claiming that they have provided users with Portable Communication Systems (PCS), which are anonymity and non-repudiation. However, they have also pointed out that their protocol has a weakness in off-line authentication processes. That is, a malicious who visits location register (VLR) can masquerade another mobile user to login to home location register (HLR). To solve this weakness, Lee et al. later on proposed an improved protocol, which slightly modified the original one Unfortunately, we found out that Lee et al.’s protocol still cannot achieve user anonymity and does not provide perfect forward secrecy. In this paper, we first utilize Lee et al.’s protocol to demonstrate that Lee-Yeh’s protocol has an instinctive design flaw. Furthermore, we propose a modification to improve Lee et al.’s protocol to overcome these weaknesses.

DOI: http://dx.doi.org/10.5755/j01.itc.41.3.857

Downloads

Published

2012-09-05

Issue

Section

Articles