A Self-certified Mechanism for Mutual Authentication and Key Exchange in Roaming Services

In this paper, a novel mutual authentication and key exchange protocol based on self-certified mechanism is proposed for roaming services in the global mobility network (GLOMONET). The main new features of the proposed protocol include identity anonymity, one-time session key renewal, and distributed security management scheme. Identity anonymity protects location privacy of mobile users in the roaming network environment. One-time session key renewal protocol frequently updates the session key for mobile users and hence reduces the risk of using a compromised session key to communicate with visited networks. The distributed security management scheme provides an efficient management mechanism: the original security manager in home network is responsible for providing local services for his mobile user whilst a temporary security manager dynamically generated for a roaming user in the visited network is in charge of providing roaming services. After certification, the temporary security manager will take the place of the original security manager when the roaming user stays in the service area of the visited network. The results of performance analysis show that the computation complexity of our protocol is not high and does satisfy the computation capacity requirement for mobile device while these new security features have been significantly enhanced. Keywords—Authentication, key exchange, roaming service, anonymity, self-certified.