Abstract

Most of current authentication schemes for mobile systems have some weaknesses; such as leakage of UE identities and high update overhead of temporary identities. This paper proposes a secure authentication mechanism for mobile communication systems that satisfies the security requirements of the third generation mobile systems. In this proposed protocol, the number of messages between authentication entities of the network is reduced to four messages instead of five in initial authentication procedure. The subsequent authentication procedure only contains two message exchanges. Therefore, the bottleneck at authentication center is avoided by reducing the number of messages between mobile and authentication center. The authentication time delay, call setup time and signaling traffic are minimized. Also, this proposed protocol is designed to be secure against network attacks, such as replay attacks and Guessing attacks and others attacks. Consequently, this approach is secure and practical as it can satisfy the security requirements of the third generation mobile communication systems based on hybrid asymmetric and symmetric cryptosystem, and can save up to 20% of the authentication traffic delay time.