Cryptology ePrint Archive: Report 2012/055

Cryptanalysis of Mun et al.'s anonymous authentication scheme for roaming service in global mobility networks

Hongbin Tang and Xinsong Liu

Abstract: An anonymous user authentication scheme allows the user and the remote server to authenticate each other, and should preserve user anonymity. In 2011, Mun et al. proposed an enhanced secure anonymous user authentication scheme for roaming service in global mobility networks. They claimed that their scheme was more secure and efficient than others. However, we demonstrate that their scheme is vulnerable to the insider, impersonation, server spoofing, and denial of service attacks along with the efficiency and password issues. Meanwhile, it cannot provide any user anonymity. Thus it is not feasible for the real-life implementation.

Category / Keywords: cryptographic protocols / cryptanalysis

Date: received 6 Feb 2012, last revised 7 Feb 2012, withdrawn 7 Feb 2012

Contact author: tanghongbin at uestc edu cn

Available formats: (-- withdrawn --)

Version: 20120208:001328 (All versions of this report)

Discussion forum: Show discussion | Start new discussion