Abstract
The goal of the third-generation mobile systems is to provide worldwide operation, enhance service capabilities, and improve performance over the second-generation mobile systems. In this paper, we propose an authentication procedure for third-generation mobile systems. The authentication procedure is a protocol suite consisting of two subprotocols: a certificate-based authentication (CBA) protocol and a ticket-based authentication (TBA) protocol. Only two parties, MS and VLR, are involved in executing our protocol. Our authentication procedure uses both public- and secret-key cryptosystems. Our authentication procedure not only provides uniform authentication across domains, but also reduces computational costs in the process of repeated authentication. We provide firm proof of our procedure's correctness.
Similar content being viewed by others
References
A. Aziz and W. Diffie, “Privacy and Authentication for Wireless Local Area Networks”, IEEE Personal Communications, Vol. 1, No. 1, pp. 25-31, 1994.
M.J. Beller, L.F. Chang and Y. Yacobi, “Privacy and Authentication on a Portable Communication System”, IEEE Journal on Selected Areas in Communications, Vol. 11, No. 6, pp. 821-829, 1993.
V. Bharghavan, “Secure Wireless LANs”, in Proceedings of ACM Conference on Computer and Communications Security, 1994, pp. 10-17.
D. Brown, “Techniques for Privacy and Authentication in Personal Communication Systems”, IEEE Personal Communications, Vol. 2, No. 4, pp. 6-10, 1995.
M. Burrows, M. Abadi and R.M. Needham, “A Logic of Authentication”, ACM Transactions on Computer Systems, Vol. 8, No. 1, pp. 18-36, 1990.
U. Carlsen, “Optimal Privacy and Authentication on a Portable Communication System”, Operating Systems Review, Vol. 28, No. 3, 16-23, 1994.
B.E. Fernandes, “Towards 3rd–Generation Mobile Systems”, in Proceedings of IEEE International Conference on Personal Wireless Communications '96, 1996, pp. 507-512.
Y. Frankel, A. Herzberg, P.A. Karger, H. Krawczyk, C.A. Kunzinger and M. Yung, “Security Issues in a CDPD Wireless Network”, IEEE Personal Communications, Vol. 2, No. 4, 16-27, 1995.
D. Kesdogan, H. Federrath, A. Jerichow and A. Pfitzmann, “Location Management Strategies Increasing Privacy in Mobile Communication”, in Proceedings of Information Systems Security Facing the Information Society of the 21st Century, IFIP, 1996, pp. 39-48.
N.Y. Lee and T. Hwang, “On the Security of Park et al.'s Key Distribution Protocol for Digital Mobile Communications”, in Proceedings of the Seventh IEEE International Symposium on Personal Indoor and Mobile Radio Communications '96, 1996, pp. 1248-1251.
H.Y. Lin and L. Harn, “Authentication in Wireless Communications”, in Proceedings of IEEE Global Telecommunications Conference, Including a Communications Theory Mini-Conference Technical Program Conference Record '93, 1993, pp. 550-554.
H.Y. Lin and L. Harn, “Authentication Protocols for Personal Communication Systems”, manuscript.
J. Liu and Y. Wang, “Authentication of Mobile Users in Personal Communication System”, in Proceedings of the Seventh IEEE International Symposium on Personal Indoor and Mobile Radio Communications '96, 1996, pp. 1239-1242.
S. Mohan, “Privacy and Authentication Protocol for PCS”, IEEE Personal Communications, pp. 34-38, 1996.
R. Molva, D. Samfat and. Tsudik, “Authentication of Mobile Users”, IEEE Network, Vol. 8, No. 2, pp. 26-34, 1994.
R. Pandya, D. Grillo, E. Lycksell, P. Mieybegue, H. Okinaka and M. Yabusaki, “IMT-2000 Standards: Network Aspects”, IEEE Personal Communications, Vol. 4, No. 4, pp. 20-29, 1997.
C.S. Park, “On Certificate-Based Security Protocols for Wireless Mobile Communication Systems”, IEEE Network, pp. 50-55, 1997.
C. Park, K. Kurosawa, T. Okamoto and S. Tsujii, “On Key Distribution and Authentication in Mobile Radio Networks”, in Proceedings of Advances in Cryptology-Eurocrypt '93, 1993, pp. 461-465.
S. Patel, “Location, Identity and Wireless Fraud Detection”, in Proceedings of IEEE International Conference on Personal Wireless Communications '97, 1997, pp. 515-521.
“Weaknesses of North American Wireless Authentication Protocol”, IEEE Personal Communications, Vol. 4, No. 3, pp. 40-44, 1997.
S. Putz, R. Schmitz and F. Tonsing, “Authentication Schemes for Third Generation Mobile Radio Systems”, in Proceedings of the Ninth IEEE International Symposium on Personal Indoor and Mobile Radio Communications '98, 1998, pp. 126-130.
S.P. Shieh, C.T. Lin and J.T. Hsueh, “Secure Communication in Global Systems for Mobile Telecommunication”, in Proceedings of the First Workshop on Mobile Computing, 1994, pp. 136-142.
F. Stoll, “The Need for Decentralization and Privacy in Mobile Communications Networks”, Computers and Security, Vol. 14, No. 6, pp. 527-539, 1995.
M. Tatebayashi and D.B. Newman, “Key Distribution Protocol for DigitalMobile Communication Systems”, in Proceedings of Advances in Cryptology-Crypto '89, 1989, pp. 324-333.
V. Varadharajan and Y. Mu, “Preserving Privacy in Mobile Communications: A Hybrid Method”, in Proceedings of IEEE International Conference on Personal Wireless Communications '97, 1997, pp. 532-536.
J.E. Wilkes, “Privacy and Authentication Needs of PCS”, IEEE Personal Communications, Vol. 2, No. 4, pp. 11-15, 1995.
ITU-T Recommendation X.509, “The Directory: Authentication Framework”, 1993.
Author information
Authors and Affiliations
Rights and permissions
About this article
Cite this article
Tzeng, ZJ., Tzeng, WG. Authentication of Mobile Users in Third Generation Mobile Systems. Wireless Personal Communications 16, 35–50 (2001). https://doi.org/10.1023/A:1026530706019
Issue Date:
DOI: https://doi.org/10.1023/A:1026530706019