PLoS ONE (Jan 2015)

Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks".

  • Mojtaba Alizadeh,
  • Mazdak Zamani,
  • Sabariah Baharun,
  • Azizah Abdul Manaf,
  • Kouichi Sakurai,
  • Hiroaki Anada,
  • Hassan Keshavarz,
  • Shehzad Ashraf Chaudhry,
  • Muhammad Khurram Khan

DOI
https://doi.org/10.1371/journal.pone.0142716
Journal volume & issue
Vol. 10, no. 11
p. e0142716

Abstract

Read online

Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.