One-pass key establishment for anonymous wireless roaming
Published on Jun 25, 2010 in WCNIS (Wireless Communications, Networking and Information Security)
· DOI :10.1109/WCINS.2010.5541836
In recent years, privacy protection for a roaming user has become an increasingly demanding requirement for wireless communications. A secure wireless roaming protocol should not only establish a secure session key between a roaming user and a foreign server, but also provide privacy protection so to keep user identity from being exposed (user anonymity) and user movement from being tracked (user untraceability). In this paper, we propose the first one-pass anonymous key establishment protocol for wireless roaming which requires only the roaming user and the foreign server to get involved. No eavesdropper can get the user's real identity after the first temporary ID for the user is established. In each new session, this temporary ID is updated so that eavesdroppers cannot associate those temporary IDs to any particular user, nor telling if two roaming sessions are corresponding to the same user or not. While most of the existing anonymous roaming protocols require at least three message flows, our protocol requires only one and can still provide implicit authentication.