Fulltext

Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks"

Alizadeh M 1 , Zamani M 2 , Baharun S 3 , Abdul Manaf A 4 , Sakurai K 1 , Anada H Show all authors , Anada H 5 , Keshavarz H 3 , Ashraf Chaudhry S 6 , Khurram Khan M 7

Affiliations 

  • 1 Faculty of Information Science and Electrical Engineering, Kyushu University, Fukuoka, Japan
  • 2 Department of Computer Science, Kean University, Union, New Jersey, United States of America
  • 3 Malaysia-Japan International Institute of Technology, Universiti Teknologi Malaysia, Kuala Lumpur, Malaysia
  • 4 Advanced Informatics School, Universiti Teknologi Malaysia, Kuala Lumpur, Malaysia
  • 5 Institute of Systems, Information Technologies and Nanotechnologies (ISIT), Fukuoka, Japan
  • 6 Department of Computer Science and Software Engineering, International Islamic University, Islamabad, Pakistan
  • 7 Center of Excellence in Information Assurance, King Saud University, Riyadh, Saudi Arabia
PLoS One, 2015;10(11):e0142716.
PMID: 26580963 DOI: 10.1371/journal.pone.0142716

Abstract

Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

* Title and MeSH Headings from MEDLINE®/PubMed®, a database of the U.S. National Library of Medicine.

MeSH terms
Similar publications