Design and Research of a New secure Authentication Protocol in GSM networks

As the first line of defense in the security application system, Authentication is an important security service. Its typical scheme is challenge/response mechanism and this scheme which is simple-structured and easy to realize has been used worldwide. But these protocols have many following problems In the GSM networks such as the leakage of user indentity privacy, no security protection between home registers and foreign registers and the vicious intruders’ information stealing and so on. This paper presents an authentication protocol in GSM networks based on maths operation and modular square root technique . The analysis of the security and performance has also been done. The results show that it is more robust and secure compared to the previous agreements.


Introduction
Global mobile communications network GSM originated in 1980s as the Pan-European digital cellular system standard and it is now accepted as the worldwide wireless communication.They convey all sorts of data and messages through wireless channel and can't require the cables.With the development of network applications, security problems arises .As the first defense line of secure application system, the authentication is the most important secure service.However, it is not feasible for GSM networks to use traditional security mechanisms because of its inherent limitations.A kind of simple and efficient authentication protocol needs to be taken into account.
In this paper, we propose a suitable GSM authentication protocol that use mathematical and modular square residual to complete the authentication process.The protocol security analysis has been done.Compared to the previous agreements, it is more robust and secure.
The rest of the paper is organized as follows: Section 2 discusses related work.Section 3 presents the proposed authentication protocol.Section 4 analyzes the security and the performance of the proposed protocol.Section 5 finally concludes the paper.

Related work
User authentication is an important topic for communication security and there are many schemes existed for the purpose in the literatures.In 1981, Lamport [1] proposed a user authentication scheme for communication in insecure channel.With the development and application of wireless networks and mobile technologies, people begin to focus on GSM authentication protocol .In 2004, M. S. Hwang and L. H. Li [2] presented an authentication scheme, but it was found that this solution had weakness and a modified version to overcome them has been presented by M. S. Hwang, I.E.Liao and C. C. Lee [3] .The study in the literature [4] has showed that the scheme in [3] also fails to provide anonymity.Two recent studies [5][6] has shown that all above schemes are incapable of providing the anonymity.Later security weaknesses of the approaches in [2-4] have been concluded and an enhanced authentication scheme [7] with anonymity named as EASA has been presented.Through the analysis of the protocol in the literature [7], we find that the scheme is still not to provode anonymity ,it is also vulnerable to insider attack, off-line password guessing attack and forgery attack etc.
In this paper, we propose a suitable GSM authentication protocol using mathematical and modular square residual [8] to complete the certification process.This paper also makes the analysis of security and performance.Compared to the previous agreement, it is more robust and secure.

The proposed protocol
Supposing that a mobile user Mu whose home agent is HA will visit a foreign network and the foreign agent is FA .HA Selects two large prime numbers p, q and calculates n=pq as the public key.HA selecsts a random number In this section, we present our authentication protocol which has five phases: initialization ,login, authentication , refreshment of session key and refreshment of password.Table 1shows the symbol that would be used in this paper.

Authentication
The authentication phase includes five steps as follows: Step 1: After receiving the information m

Security Analysis
In Our scheme, the anonymity of Mu is obtained by hash function and Exclusive-OR operation.Assume that an attacker has extracted the information stored in Mu's smart card and the used meaages tranmitted among Mu,FA and HA.However, the attacker can not derive the real identity of Mu without knowing the value of (p, q) and the random number mu n .
In our scheme, the information of the smart card is is { , ', (.), , } , , m m m 5 m } , but the malicious attacker does not know the value of (p, q).According to the residual knowledge of modular square, it is not possible to get the message 1 m to the user, the attack failed.Our scheme also can resist forgery attack.Supposing that malicious attackers forgery into a mobile user or home agent to try to attack.They don't know { u TH mu ID }, malicious attackers can not finish the legitimate user authentication through the home agent.They do not know the key (p, q), malicious attackers can not impersonate the home agent to decrypt the message 1 m and perform the authentication through mobile users and foreign agent.
The proposed protocol also can resist known-session key attack , internal attack and replay attack.This scheme also has the characteristics of forward secrecy and so on , which enhance the performance of the protocol.

Performance Analysis
Our proposed protocol contains only five news exchange in terms of communication load and does not need clock synchronization mechanism, which reduces the consumption of clock synchronization and the timestamp setting.In terms of computational complexity, our protocol uses hash function and Exclusive-OR operation because of the wireless environment restrictions on energy and computing power.The proposed protocol performs not more than 2 msec in OpenSSL running time.Compared with other relevant protocols , our protocol is more simple and efficient.

Conclusions
In this paper, we propose an efficient authentication protocol for GSM networks and analyze the security and performance of the protocol.The results show that the protocol is secure and robust.
of HA and the key length is long enough such as 512 bits.For each foreign agent, and hash function such as SHA-1 algorithm.
h n b .When the user's smart card is stolen or losses ,an attacker can guess the user's identity and password to compute ''

Table 1 .
the symbol description x IDThe identity of mobile user x u pw