This website uses cookies to ensure you have the best experience. Learn more

Improving Remote User Authentication On Mobile Networks

3628 words - 15 pages

With the rapid development of mobile devices, people can easily use various electronic services any time everywhere for convenient and modern life. Remote user authentication becomes a very important ingredient procedure for the network system service to verify whether a remote user is legal through any insecure channel. Users can use to access many applications, for example internet banking, online shopping, mobile pay TV, are accomplished on internet or wireless networks. Therefore, secure communications in such wireless environments are more and more important because they protect transactions between users and servers. Especially, users are people vulnerable to attacks and there are many authentication systems proposed to guarantee them. Islam and Biswas have proposed a more efficient and secure ID-based system for mobile devices on ECC to enhance security for authentication with key agreement system. They claimed that their system truly is more secure than previous ones and it can resist various attacks. However, it is true because their system is vulnerable to known session-specific temporary information attack, and the other system is denial of service resulting from leaking server's database. Thus, the paper presents an improvement to their system in order to isolate such problems.

Keywords-Authentication, Password, Dynamic ID, Smart card, Impersonation, Session key, elliptic curve cryptosystem

1. Introduction

Elliptic Curve (EC) systems as applied to cryptography were first proposed in 1985 Independently by Neal Koblitz and Victor Miller. Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create smaller, faster, and more efficient cryptographic keys. Elliptic curve cryptography (ECC) is an approach to public key cryptography (PKC) based on the algebraic structure of elliptic curves over finite fields. The technology can be used in conjunction with most public key encryption methods, such as Diffie-Hellman and RSA. According to some researchers, Elliptic curve cryptography (ECC) can yield a level of security with a 164-bit key than other systems require a 1,024-bit key. Because ECC helps to establish equivalent security with lower computing power and battery resource usage. It is widely used for mobile applications. Elliptic Curve Cryptosystem (ECC) based remote authentication system has been use for mobile devices. Mobile phones are most common way of communication and accessing Internet based services. Currently, mobile phones are used for formal communication, sending and receiving sensitive data. However, the security of mobile communication has topped the list of concerns for mobile phone users. Public key cryptography is effective security solution to provide secure mobile communications. Mobile devices (e.g., cell phone, notebook PC and PDA) have gained increasingly popularity due to their portability nature. Therefore, secure...

Find Another Essay On Improving Remote User Authentication on Mobile Networks

Trusted Network Connect of Trusted Computing Group (TCG) With 802.1x Port based Authentication

4027 words - 16 pages P2P network problem. [2] States that most extensible authentication protocols lack the protection of identity. The work done in this paper is about WLAN networks. The discussion about EAP-TLS (Transport Layer Security) which follows the 802.1X standard is done. Basically four parties are involved in EAP-TLS protocol mobile terminal, access point, WLAN authentication server and cellular network authentication server. The proposed solution of this

Virtual Private Network Essay

4581 words - 18 pages disadvantage is that this type of VPN puts a heavy burden on the remote user's system like say a laptop. This is because all VPN processing is done on their system which slows down its performance. This architecture also posses some security issues as user authentication has to be done over the Internet (Fowler, D. 1999).2.1.2 NAS-Initiated VPNIn this type of VPN, the tunnel is established from the ISP's NAS to the host gateway. All VPN

Remote Access Solutions

1415 words - 6 pages Remote Access Solutions Remote access Remote access is defined as the ability of a user to log onto a network from a distant location. This is accomplished with a remote computer connected to the distant network. Whereas remote control refers to taking control of another computer, remote access means that the remote computer becomes a work station on the network. Communication between the network facility equipment and the remote computer

Internet Protocol Security (IPSec) for Backbones

1245 words - 5 pages on high performance networks number of techniques have been used till now and these techniques are the valuable addition in the current technologies .Purpose of this paper is to high light , what types of techniques are available in the current time for improving the performance of the transmission devices both at the H/W and S/W level while applying the IPSec and what drawbacks in the already existing techniques . Keywords: Internet Protocol

Wireless Network Security

3559 words - 14 pages authentication is a risky scheme because there is a ?human in the loop.? As described in Figure 5 ? shared key authentication, the shared key must be assigned outside of the 802.11 standard. Anyone who obtains a valid WEP key can gain access to the network. Since this does not positively identify a user, there is little possibility of discovering that someone is ?masquerading? on the network. This scheme can be enhanced by combining the MAC address list with

Network Policy Server and Remote Access

1301 words - 5 pages The nature of our business requires us to have a flexible sales force. Because of that detail we need to be receptive to the needs of our mobile workforce. The most critical tool involved in their success is the ability to reliably connect and access our company networks. These connections can be from employees using company issued laptops or personal computers used from home or on the road. For the most part we have addresses the needs of our

Virtual Private Networks

989 words - 4 pages a combination of the following security components: IP encapsulation, cryptographic authentication, and data payload encryption. For a true VPN to exist, it must contain all three of these components (Strebe, Matthew & Perkins, Charles, 2000). While payload encryption and cryptographic authentication may seem like the same thing, they are not. Cryptographic authentication is used for remote user authentication. Windows and Unix

The Process of Setting Up a GSM Network

3437 words - 14 pages considered to be the most efficient technology for mobile as well as data transmission. In GSM the same channel say 890 MHz is shared by different used in allocated time which is generally allotted for the radio. This represents that the user all can communicate with each other at same time. This can be done by allocating the 890n channels for a short period of time to user P and then Q and then S and so on. This allocation is done based on the demand

Implementing a New Wide Secure Wireless Network at Brigham Young University Hawaii

2628 words - 11 pages . Another way is we can install certificates on the laptops or devices those who desire to get access to the network. If they want to get access to the network they should present it at that time. Then the another common requirement for the users is to authenticate themselves by using two-authentication generally achieved by a combination of something then the user possess such a security token (eg.,USB dongle or security smart card) and something

Design a Network Infrastructure Because Networks are Configured in Many Ways, Network Systems and Data Communications Analysts are Needed to Design, Test, and Evaluate Systems Such as Local Area...

8965 words - 36 pages Services. It consists of two parts, permissions and authentication. RAS is a function of the Active Directory. RAS enables remote or mobile workers to connect to corporate networks via . a connection to a VPN remote access server which authenticates users and enforces encryption protocols until their remote access sessions are terminated. The remote Access Server acts as a gateway by sending data between the client and the LAN. This can be done through


692 words - 3 pages solutions to corporate and public sector organisations in Pakistan for several years. To achieve this success Wateen Telecom has always focused on delivering the highest level of service to customers, along with its responsiveness, agility and flexibility. Solution Recognizing the importance of remote access and the need to provide stronger authentication than simple passwords, Wateen offered NIB Bank Two-Factor Authentication (2FA) in the form of

Similar Essays

Improving Mobile Wi Max Eap Ttls Authentication With Minimum Downtime And Securing Its Management Channel

2229 words - 9 pages , typically involves a supplicant (that resides in the mobile station), an authenticator (that may reside in the base station or a gateway), and an authentication server [3]. EAP (Extensible Authentication Protocol) is a standard protocol (frequently used in wireless networks) for data transmission authentication, which is invoked by an 802.1X enabled NAS (Network Access Server) device such as an 802.11 a/b/g Wireless Access Point [4]. The EAP

Network Infrastructure Focusing On Wireless Networks: Bluetooth, Wi Fi And Mobile Phone Networks

4377 words - 18 pages wireless networks. There are two types of WPA security, Enterprise and Personal. Enterprise WPA is meant for use with an IEEE 802.1X authentication server, which distributes different keys to each user. Personal WPA utilizes less scalable "pre-shared key" (PSK) mode, where every allowed computer is given the same passphrase. In PSK mode, security depends on the strength and secrecy of the passphrase. [9] The range of the WLAN signal may increase or

Virtual Private Networks Essay

4352 words - 18 pages parts, permissions and authentication. RAS is a function of the Active Directory. RAS enables remote or mobile workers to connect to corporate networks via . a connection to a VPN remote access server which authenticates users and enforces encryption protocols until their remote access sessions are terminated. The remote Access Server acts as a gateway by sending data between the client and the LAN. This can be done through a dial-up connection or a

Implementation And Use Of Mobile Digital Devices For Its Business Operation

2578 words - 11 pages need for the user changes the SIM card for STK card, the user mobile phone login account trading Banks have enough pay individual account management and field expe-rience, moreover also has large users of its trust group of South Korea SK, KTF and LG etc. By the end of 2004 has more than 2000 bank ac-counts, online applications stored on USIM card of 3 g networks Industrial and commercial bank of China launched mobile banking use mobile phone