Cryptanalysis and improvement of "a secure password authentication mechanism for seamless handover in proxy mobile IPv6 networks"

Mojtaba Alizadeh, Mazdak Zamani, Sabariah Baharun, Azizah Abdul Manaf, Kouichi Sakurai, Hiroki Anada, Hassan Keshavarz, Shehzad Ashraf Chaudhry, Muhammad Khurram Khan

Research output: Contribution to journalArticle

11 Citations (Scopus)

Abstract

Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

Original languageEnglish
Article number0142716
JournalPloS one
Volume10
Issue number11
DOIs
Publication statusPublished - Nov 1 2015

Fingerprint

Proxy
Authentication
Wireless networks
methodology
Network protocols
Equipment and Supplies

All Science Journal Classification (ASJC) codes

  • Biochemistry, Genetics and Molecular Biology(all)
  • Agricultural and Biological Sciences(all)

Cite this

Cryptanalysis and improvement of "a secure password authentication mechanism for seamless handover in proxy mobile IPv6 networks". / Alizadeh, Mojtaba; Zamani, Mazdak; Baharun, Sabariah; Manaf, Azizah Abdul; Sakurai, Kouichi; Anada, Hiroki; Keshavarz, Hassan; Chaudhry, Shehzad Ashraf; Khan, Muhammad Khurram.

In: PloS one, Vol. 10, No. 11, 0142716, 01.11.2015.

Research output: Contribution to journalArticle

Alizadeh, M, Zamani, M, Baharun, S, Manaf, AA, Sakurai, K, Anada, H, Keshavarz, H, Chaudhry, SA & Khan, MK 2015, 'Cryptanalysis and improvement of "a secure password authentication mechanism for seamless handover in proxy mobile IPv6 networks"', PloS one, vol. 10, no. 11, 0142716. https://doi.org/10.1371/journal.pone.0142716
Alizadeh, Mojtaba ; Zamani, Mazdak ; Baharun, Sabariah ; Manaf, Azizah Abdul ; Sakurai, Kouichi ; Anada, Hiroki ; Keshavarz, Hassan ; Chaudhry, Shehzad Ashraf ; Khan, Muhammad Khurram. / Cryptanalysis and improvement of "a secure password authentication mechanism for seamless handover in proxy mobile IPv6 networks". In: PloS one. 2015 ; Vol. 10, No. 11.
@article{58619b9764f646f4beeb8a6d9d7e1152,
title = "Cryptanalysis and improvement of {"}a secure password authentication mechanism for seamless handover in proxy mobile IPv6 networks{"}",
abstract = "Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.",
author = "Mojtaba Alizadeh and Mazdak Zamani and Sabariah Baharun and Manaf, {Azizah Abdul} and Kouichi Sakurai and Hiroki Anada and Hassan Keshavarz and Chaudhry, {Shehzad Ashraf} and Khan, {Muhammad Khurram}",
year = "2015",
month = "11",
day = "1",
doi = "10.1371/journal.pone.0142716",
language = "English",
volume = "10",
journal = "PLoS One",
issn = "1932-6203",
publisher = "Public Library of Science",
number = "11",

}

TY - JOUR

T1 - Cryptanalysis and improvement of "a secure password authentication mechanism for seamless handover in proxy mobile IPv6 networks"

AU - Alizadeh, Mojtaba

AU - Zamani, Mazdak

AU - Baharun, Sabariah

AU - Manaf, Azizah Abdul

AU - Sakurai, Kouichi

AU - Anada, Hiroki

AU - Keshavarz, Hassan

AU - Chaudhry, Shehzad Ashraf

AU - Khan, Muhammad Khurram

PY - 2015/11/1

Y1 - 2015/11/1

N2 - Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

AB - Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

UR - http://www.scopus.com/inward/record.url?scp=84956941011&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84956941011&partnerID=8YFLogxK

U2 - 10.1371/journal.pone.0142716

DO - 10.1371/journal.pone.0142716

M3 - Article

C2 - 26580963

AN - SCOPUS:84956941011

VL - 10

JO - PLoS One

JF - PLoS One

SN - 1932-6203

IS - 11

M1 - 0142716

ER -