Wireless authentication protocols assuring user anonymity and end-to-end confidentiality

Abstract

In this thesis, we propose an authentication protocol that satisfies the security features required in wireless mobiles systems and preserves the anonymity of a mobile user. And we present the construction method of the end-to-end security protocol between two mobile users. The security services required in wireless mobile systems include:mutual authentication between the user and the network, the confidentiality of user data and signaling data, user anonymity over wireless and wired link and end-to-end confidentiality between two mobile users. In particular, we focus on the two services, user anonymity and end-to-end security. The important issue in the provision of security services in wireless mobile systems is to design the authentication protocol in which communication partners authenticate each other and agree on the secret session key which will be used to secure the subsequent session. In the design of the authentication protocol, we should consider the security features to be achieved during the run of the protocol and several environmental factors specific to wireless mobile systems. A basic solution for the provision of anonymity is to use the temporary identity(TID) of a mobile user instead of his real one. Before designing the authentication protocol, we discuss the previous protocols according to the anonymity schemes which were adapted to the protocol design. Several schemes have been proposed for the generation and computation do TID in the design of the protocol. The first method for providing user anonymity is the use of prearranged TID that has been distributed to the user by the home network or visited network. This method needs periodic changes of TID and an additional protocol to share a new TID between the user and the network. Another method is to encrypt the real identity of the user using the public key of the network. Both schemes are based on shared key crytosystems. They don``t provide some security features of wireless authe...