An Authentication Protocol With Anonymity Based On The K-pseudonym Set

Internet brings convenience to people’s lives but also causes a lot of security risks, especially adverse effects caused by the disclosure of personal information are very widespread. Therefore, the protection of personal information has attracted much attention. In wireless network authentication, in order to protect their privacy, more and more users are more inclined to anonymous authentication for preventing the attacker from obtaining the user’s location and getting more personal information.In order to solve the issue that using the shared key to achieve anonymous authentication, we propose the anonymous authentication protocol based-on the shared secret key to achieve anonymity by using the k-pseudonym set. We mainly do the following work.1. We present the anonymous authentication scheme based on the k-pseudonym set with the shared key. The user proposes an authentication request and sends the k-pseudonym set which includes the actual user’s identity and the message encrypted by the actual user’s shared key to the authentication server. The authentication server completes the user authentication within the scope of the k users’ information traversal, which avoids the excessive resources consumption of the authentication server.2. We define two models according to the attack ability of the attackers, i.e. Dolev-Yao model and the enhanced Dolev-Yao model. Meanwhile, we also give two construction methods of the k-pseudonym set. We make a detailed analysis about the advantages and disadvantages of the two methods from the security and performance.3. We compare our scheme with the existing scheme based on the shared key to achieve anonymous authentication in the security. We analyze the security of our scheme from the following aspects: anonymity, mutual authentication, forward and backward security, security against desynchronization attack, security against the replay attack, and the security against the impersonation attack. The results show that our proposed scheme has obvious advantages.4. We set up a test-bed to achieve the proposed scheme, and test the impact of the number of user in the k-pseudonym set and the number of authenticating users simultaneously on authentication time. The experimental results show that the scheme achieves anonymous authentication in a short time, and the authentication time changes a little with the increase of k. Meanwhile, analysis shows that the calculated amount, traffic and memory space are insignificant.