{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,30]],"date-time":"2025-10-30T07:14:50Z","timestamp":1761808490711,"version":"build-2065373602"},"reference-count":58,"publisher":"MDPI AG","issue":"4","license":[{"start":{"date-parts":[[2021,12,13]],"date-time":"2021-12-13T00:00:00Z","timestamp":1639353600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Cryptography"],"abstract":"<jats:p>The design and implementation of two-factor schemes designed for roaming mobile users for global mobility networks in smart cities requires attention to protect the scheme from various security attacks, such as the replay attack, impersonation attack, man-in-the-middle attack, password-guessing attack and stolen-smart-card attack. In addition to these attacks, the scheme should achieve user anonymity, unlinkability and perfect forward secrecy. In the roaming scenario, as mobile users are connected to the foreign network, mobile users must provide authentication details to the foreign network to which they are connected. The foreign network forwards the authentication messages received from the mobile users to their home network. The home network validates the authenticity of the mobile user. In the roaming scenario, all communication between the three entities is carried over an insecure channel. It is assumed that the adversary has the capabilities to intercept the messages transmitted over an insecure channel. Hence, the authentication scheme designed must be able to resist the above-mentioned security attacks and achieve the security goals. Our proposed scheme ES-HAS (elliptic curve-based secure handover authentication scheme) is a two-factor authentication scheme in which the mobile user possesses the password, and the smart card resists the above-mentioned security attacks. It also achieves the above-mentioned security goals. We also extended our two-factor authentication to a multi-factor authentication scheme using the fingerprint biometric technique. The formal security analysis using BAN logic and the formal security verification of the proposed scheme using the widely accepted AVISPA (automated validation of internet security protocols and applications) tool is presented in this article. In comparison with the related schemes, the proposed scheme is more efficient and robust. This makes the proposed scheme suitable for practical implementation.<\/jats:p>","DOI":"10.3390\/cryptography5040035","type":"journal-article","created":{"date-parts":[[2021,12,13]],"date-time":"2021-12-13T03:14:29Z","timestamp":1639365269000},"page":"35","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["ES-HAS: ECC-Based Secure Handover Authentication Scheme for Roaming Mobile User in Global Mobility Networks"],"prefix":"10.3390","volume":"5","author":[{"given":"Suvidha","family":"K. S.","sequence":"first","affiliation":[{"name":"Department of Mathematical and Computational Sciences, National Institute of Technology Karnataka, Surathkal Srinivasnagar PO, Mangalore 575025, India"}]},{"given":"Jothi","family":"Rangasamy","sequence":"additional","affiliation":[{"name":"Department of Mathematical and Computational Sciences, National Institute of Technology Karnataka, Surathkal Srinivasnagar PO, Mangalore 575025, India"}]},{"given":"Shyam","family":"S. Kamath","sequence":"additional","affiliation":[{"name":"Department of Mathematical and Computational Sciences, National Institute of Technology Karnataka, Surathkal Srinivasnagar PO, Mangalore 575025, India"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8918-1703","authenticated-orcid":false,"given":"Cheng-Chi","family":"Lee","sequence":"additional","affiliation":[{"name":"Department of Library and Information Science, Research and Development Center for Physical Education, Health, and Information Technology, Fu Jen Catholic University, No. 510, Zhongzheng Rd., Xinzhuang Dist., New Taipei City 24205, Taiwan"},{"name":"Department of Computer Science and Information Engineering, Asia University, Wufeng Shiang, Taichung 41349, Taiwan"}]}],"member":"1968","published-online":{"date-parts":[[2021,12,13]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"4136","DOI":"10.1002\/sec.1330","article-title":"An efficient biometric-based privacy-preserving three-party authentication with key agreement protocol using smart cards","volume":"8","author":"Odelu","year":"2015","journal-title":"Secur. Commun. Netw."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Park, Y., and Park, Y. (2016). Three-factor user authentication and key agreement using elliptic curve cryptosystem in wireless sensor networks. Sensors, 16.","DOI":"10.3390\/s16122123"},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Yu, S., Lee, J., Park, Y., Park, Y., Lee, S., and Chung, B. (2020). A secure and efficient three-factor authentication protocol in global mobility networks. Appl. Sci., 10.","DOI":"10.3390\/app10103565"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"607","DOI":"10.1016\/j.future.2017.04.012","article-title":"A robust biometrics based three-factor authentication scheme for global mobility networks in smart city","volume":"83","author":"Li","year":"2018","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_5","first-page":"96","article-title":"A secure and lightweight authentication scheme for roaming service in global mobile networks","volume":"38","author":"Madhusudhan","year":"2018","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_6","first-page":"18","article-title":"An efficient and secure anonymous mobility network authentication scheme","volume":"19","author":"Kuo","year":"2014","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_7","first-page":"217","article-title":"A More Robust Authentication Scheme for Roaming Service in Global Mobility Networks Using ECC","volume":"18","author":"Guo","year":"2016","journal-title":"Int. J. Netw. Secur."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"1281","DOI":"10.1007\/s11277-016-3682-1","article-title":"Advanced secure anonymous authentication scheme for roaming service in global mobility networks","volume":"94","author":"Lee","year":"2016","journal-title":"Wirel. Pers. Commun."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"383","DOI":"10.1007\/s11277-016-3672-3","article-title":"A dynamic id-based generic framework for anonymous authentication scheme for roaming service in global mobility networks","volume":"93","author":"Karuppiah","year":"2017","journal-title":"Wirel. Pers. Commun."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Alzahrani, B.A., Chaudhry, S.A., Barnawi, A., Al-Barakati, A., and Alsharif, M.H. (2020). A privacy preserving authentication scheme for roaming in IoT-based wireless mobile networks. Symmetry, 12.","DOI":"10.3390\/sym12020287"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"82","DOI":"10.1007\/s12083-019-0717-x","article-title":"Mobile user authentication protocol with privacy preserving for roaming service in GLOMONET","volume":"13","author":"Madhusudhan","year":"2020","journal-title":"Peer-to-Peer Netw. Appl."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Kang, D., Lee, H., Lee, Y., and Won, D. (2021). Lightweight user authentication scheme for roaming service in GLOMONET with privacy preserving. PLoS ONE, 16.","DOI":"10.1371\/journal.pone.0247441"},{"key":"ref_13","unstructured":"Burrows, J.H. (1995). Secure Hash Standard, Technical Report."},{"key":"ref_14","unstructured":"AVISPA (2019, March 01). Automated Validation of Internet Security Protocols and Applications. Available online: http:\/\/www.avispa-project.org\/."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"416","DOI":"10.1109\/49.345886","article-title":"Conference key distribution schemes for secure digital mobile communication network","volume":"13","author":"Hwang","year":"1995","journal-title":"IEEE J. Select. Areas Commun."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"1469","DOI":"10.1109\/25.790522","article-title":"Dynamic participation in a secure conference scheme for mobile communications","volume":"48","author":"Hwang","year":"1999","journal-title":"IEEE Trans. Veh. Technol."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"373","DOI":"10.1109\/26.837039","article-title":"Extensions to an authentication technique proposed for the global mobility network","volume":"48","author":"Buttyan","year":"2000","journal-title":"IEEE Trans. Commun."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"400","DOI":"10.1109\/TWC.2003.809452","article-title":"A self-encryption mechanism for authentication of roaming and teleconference services","volume":"2","author":"Hwang","year":"2003","journal-title":"IEEE Trans. Wirel. Commun."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"231","DOI":"10.1109\/TCE.2004.1277867","article-title":"A new authentication scheme with anonymity for wireless environments","volume":"50","author":"Zhu","year":"2004","journal-title":"IEEE Trans. Consum. Electron."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"1683","DOI":"10.1109\/TIE.2006.881998","article-title":"Security enhancement on a new authentication scheme with anonymity for wireless environments","volume":"53","author":"Lee","year":"2006","journal-title":"IEEE Trans. Ind. Electron."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Wei, Y., Qiu, H., and Hu, Y. (2006, January 27\u201330). Security analysis of authentication scheme with anonymity for wireless environments. Proceedings of the 2006 International Conference on Communication Technology, Guilin, China.","DOI":"10.1109\/ICCT.2006.341724"},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"1767","DOI":"10.1109\/TPDS.2013.230","article-title":"Further observations on smart-card-based password-authenticated key agreement in distributed systems","volume":"25","author":"Huang","year":"2013","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"2551","DOI":"10.1109\/TIE.2008.921677","article-title":"Robust and efficient password-authenticated key agreement using smart cards","volume":"55","author":"Juang","year":"2008","journal-title":"IEEE Trans. Ind. Electron."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"428","DOI":"10.1109\/TDSC.2014.2355850","article-title":"Anonymous two-factor authentication in distributed systems: Certain goals are beyond attainment","volume":"12","author":"Wang","year":"2015","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_25","first-page":"10","article-title":"Novel anonymous authentication scheme using smart cards","volume":"9","author":"Tsai","year":"2012","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"83","DOI":"10.1016\/j.jnca.2018.02.003","article-title":"A novel efficient MAKA protocol with desynchronization for anonymous roaming service in global mobility networks","volume":"107","author":"Xu","year":"2018","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.jnca.2015.12.003","article-title":"An efficient mutual authentication and key agreement scheme preserving strong anonymity of the mobile user in global mobility networks","volume":"62","author":"Gope","year":"2015","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"e3904","DOI":"10.1002\/dac.3904","article-title":"Efficient privacy-preserving authentication scheme for roaming consumer in global mobility networks","volume":"32","author":"Babamohammadi","year":"2019","journal-title":"Int. J. Commun. Syst."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"e3361","DOI":"10.1002\/dac.3361","article-title":"A secure authentication and key agreement scheme for roaming service with user anonymity","volume":"30","author":"Arshad","year":"2017","journal-title":"Int. J. Commun. Syst."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"2665","DOI":"10.1007\/s11277-017-4629-x","article-title":"An anonymous authentication scheme with the enhanced security for wireless communications","volume":"97","author":"Chen","year":"2017","journal-title":"Wirel. Pers. Commun."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"5881","DOI":"10.1007\/s11277-017-4452-4","article-title":"Chaotic maps-based strong anonymous authentication scheme for roaming services in global mobility networks","volume":"96","author":"Xie","year":"2017","journal-title":"Wirel. Pers. Commun."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"268","DOI":"10.1109\/TSUSC.2018.2817657","article-title":"A mobile intelligent terminal based anonymous authenticated key exchange protocol for roaming service in global mobility networks","volume":"5","author":"Wei","year":"2018","journal-title":"IEEE Trans. Sustain. Comput."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Wang, D., Wang, P., and Liu, J. (2014, January 6\u20139). Improved privacy-preserving authentication scheme for roaming service in mobile networks. Proceedings of the 2014 IEEE wireless communications and networking conference (WCNC), Istanbul, Turkey.","DOI":"10.1109\/WCNC.2014.6953015"},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Li, H., Yang, Y., and Pang, L. (2013, January 7\u201310). An efficient authentication protocol with user anonymity for mobile networks. Proceedings of the 2013 IEEE wireless communications and networking conference (WCNC), Shanghai, China.","DOI":"10.1109\/WCNC.2013.6554844"},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"674","DOI":"10.1007\/s12083-013-0218-2","article-title":"An efficient secure authentication scheme with user anonymity for roaming user in ubiquitous networks","volume":"8","author":"Shin","year":"2015","journal-title":"Peer-to-Peer Netw. Appl."},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"e3019","DOI":"10.1002\/dac.3019","article-title":"A lightweight anonymous authentication scheme for consumer roaming in ubiquitous networks with provable security","volume":"30","author":"Farash","year":"2017","journal-title":"Int. J. Commun. Syst."},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"4192","DOI":"10.1002\/sec.1598","article-title":"A secure lightweight authentication scheme with user anonymity for roaming service in ubiquitous networks","volume":"9","author":"Karuppiah","year":"2016","journal-title":"Secur. Commun. Netw."},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"367","DOI":"10.1016\/j.comcom.2010.02.031","article-title":"A strong user authentication scheme with smart cards for wireless communications","volume":"34","author":"He","year":"2010","journal-title":"Comput. Commun."},{"key":"ref_39","doi-asserted-by":"crossref","first-page":"2351","DOI":"10.1007\/s11277-017-4302-4","article-title":"A secure anonymity preserving authentication scheme for roaming service in global mobility networks","volume":"96","author":"Odelu","year":"2017","journal-title":"Wirel. Pers. Commun."},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"247","DOI":"10.1007\/s11277-014-1750-y","article-title":"A secure and effective anonymous authentication scheme for roaming service in global mobility networks","volume":"78","author":"Zhao","year":"2014","journal-title":"Wirel. Pers. Commun."},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"107","DOI":"10.1016\/j.compeleceng.2018.03.030","article-title":"A novel mutual authentication scheme with formal proof for smart healthcare systems under global mobility networks notion","volume":"68","author":"Wu","year":"2018","journal-title":"Comput. Electr. Eng."},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"20673","DOI":"10.1109\/ACCESS.2018.2827027","article-title":"Design of an anonymity-preserving group formation based authentication protocol in global mobility networks","volume":"6","author":"Banerjee","year":"2018","journal-title":"IEEE Access"},{"key":"ref_43","doi-asserted-by":"crossref","first-page":"2055","DOI":"10.1007\/s11277-015-2524-x","article-title":"A secure authentication scheme with user anonymity for roaming service in global mobility networks","volume":"84","author":"Karuppiah","year":"2015","journal-title":"Wirel. Pers. Commun."},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"1454","DOI":"10.1109\/JSYST.2018.2883349","article-title":"Robust privacy-preserving mutual authenticated key agreement scheme in roaming service for global mobility networks","volume":"13","author":"Lu","year":"2019","journal-title":"IEEE Syst. J."},{"key":"ref_45","doi-asserted-by":"crossref","first-page":"1370","DOI":"10.1109\/JSYST.2015.2416396","article-title":"Lightweight and energy-efficient mutual authentication and key agreement scheme with user anonymity for secure communication in global mobility networks","volume":"10","author":"Gope","year":"2016","journal-title":"IEEE Syst. J."},{"key":"ref_46","doi-asserted-by":"crossref","unstructured":"Aghili, S.F., Mala, H., Shojafar, M., and Conti, M. (May, January 29). Pakit: Proactive authentication and key agreement protocol for internet of things. Proceedings of the IEEE INFOCOM 2019-IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Paris, France.","DOI":"10.1109\/INFCOMW.2019.8845220"},{"key":"ref_47","doi-asserted-by":"crossref","first-page":"17663","DOI":"10.1109\/ACCESS.2020.2967469","article-title":"An internet of things roaming authentication protocol based on heterogeneous fusion mechanism","volume":"8","author":"Wan","year":"2020","journal-title":"IEEE Access"},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"8729","DOI":"10.1007\/s11227-020-03160-x","article-title":"A secure biometric-based authentication protocol for global mobility networks in smart cities","volume":"76","author":"Ghahramani","year":"2020","journal-title":"J. Supercomput."},{"key":"ref_49","doi-asserted-by":"crossref","first-page":"1477","DOI":"10.1007\/s11277-012-0535-4","article-title":"An enhanced authentication scheme with privacy preservation for roaming service in global mobility networks","volume":"68","author":"Jiang","year":"2013","journal-title":"Wirel. Pers. Commun."},{"key":"ref_50","doi-asserted-by":"crossref","first-page":"203","DOI":"10.1090\/S0025-5718-1987-0866109-5","article-title":"\u00cblliptc Curve Cryptosystem","volume":"48","author":"Neil","year":"1987","journal-title":"Math. Comput."},{"key":"ref_51","doi-asserted-by":"crossref","unstructured":"Rogaway, P., and Shrimpton, T. (2004). Cryptographic hash-function basics: Definitions, implications, and separations for preimage resistance, second-preimage resistance, and collision resistance. International Workshop on Fast Software Encryption, Springer.","DOI":"10.1007\/978-3-540-25937-4_24"},{"key":"ref_52","unstructured":"Bhattacharjee, K., Maity, K., and Das, S. (2018). A search for good pseudo-random number generators: Survey and empirical studies. arXiv."},{"key":"ref_53","doi-asserted-by":"crossref","first-page":"97","DOI":"10.1137\/060651380","article-title":"Fuzzy extractors: How to generate strong keys from biometrics and other noisy data","volume":"38","author":"Dodis","year":"2008","journal-title":"SIAM J. Comput."},{"key":"ref_54","doi-asserted-by":"crossref","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","article-title":"On the security of public key protocols","volume":"29","author":"Dolev","year":"1983","journal-title":"IEEE Trans. Inf. Theory"},{"key":"ref_55","doi-asserted-by":"crossref","first-page":"3527","DOI":"10.1002\/sec.1558","article-title":"A novel and provably secure authentication and key agreement scheme with user anonymity for global mobility networks","volume":"9","author":"Wu","year":"2016","journal-title":"Secur. Commun. Netw."},{"key":"ref_56","doi-asserted-by":"crossref","unstructured":"Kocher, P., Jaffe, J., and Jun, B. (1999). Differential power analysis. Annual International Cryptology Conference, Springer.","DOI":"10.1007\/3-540-48405-1_25"},{"key":"ref_57","first-page":"102588","article-title":"A provably secure ECC-based roaming authentication scheme for global mobility networks","volume":"54","author":"Nikooghadam","year":"2020","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_58","doi-asserted-by":"crossref","first-page":"791","DOI":"10.1007\/s00779-017-1054-9","article-title":"An efficient authentication and key agreement scheme with user anonymity for roaming service in smart city","volume":"21","author":"Li","year":"2017","journal-title":"Pers. Ubiquitous Comput."}],"container-title":["Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2410-387X\/5\/4\/35\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T07:46:17Z","timestamp":1760168777000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2410-387X\/5\/4\/35"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,12,13]]},"references-count":58,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2021,12]]}},"alternative-id":["cryptography5040035"],"URL":"https:\/\/doi.org\/10.3390\/cryptography5040035","relation":{},"ISSN":["2410-387X"],"issn-type":[{"type":"electronic","value":"2410-387X"}],"subject":[],"published":{"date-parts":[[2021,12,13]]}}}