A user authentication scheme with identity and location privacy

Abstract

The rapid growth of wireless systems provides us with mobility. In mobile environments, authentication of a user and confidentiality of his identity and location are two major security issues, which seem incompatible with each other. In this manuscript, we propose a user authentication scheme with identity and location privacy. This scheme is an interactive protocol based on public key cryptosystems. In the proposed scheme, to prove his authenticity, a user utilizes a digital signature scheme based on a problem with a random self-reducible relation such as the square root modulo a composite number problem and the discrete logarithm problem. We also define the security requirements for user authentication with identity and location privacy, impersonationfreeness and anonymity, against active attacks, and prove that the proposed scheme satisfies them assuming the security of the cryptographic schemes used in the scheme. Furthermore, we show that we can construct authenticated key agreement schemes by applying the proposed scheme to some existing authenticated key agreement schemes.