||Wireless communication has played a very important role in people communication activities due to the properties of fast mobility and high|
portability. Many security mechanisms for mobile communications have been introduced in the literature.
Among these mechanisms,
authentication is a quite important task in the entire mobile network system and acts as the first defense against attackers
since it ensures the correctness of the identities of distributed communication entities before they engage in any other communication
activity. Some schemes have similar drawbacks, such as high bandwidth consumption between VLR and HLR, storage overhead in VLR, and lack of
On the other hand, some protocols are efficient, but they are not based on rational assumptions.
Ideally, a mobile authentication scheme should achieve mutual entity authentication, low storage cost in VLR, and
light-weight computation and communication for each entity, to provide secure and fast communication services.
Therefore, in order to guarantee the quality of this advanced technology, an efficient (especially, user efficient) and secure
authentication scheme is urgently desired, and moreover, it should be under reasonable assumptions.
In this dissertation, we come up with a novel authentication mechanism, called the nested
one-time secret mechanism, tailored for mobile communication environments. Through maintaining inner and outer synchronously changeable
common secrets, respectively, every mobile user can be rapidly authenticated by VLR and HLR, respectively, in the proposed scheme based on
Not only does the proposed solution achieve mutual authentication, but also it greatly reduces the computation and communication cost
of the mobile users as compared with the existing authentication schemes.
Finally, we formally prove that the proposed scheme is a secure mutual authentication and key exchange scheme under the assumptions of semantic
security of encryption, indistinguishability of a pseudorandom function and a random function, and indistinguishability
of a pseudorandom permutation and a random permutation.