ECC-based Secure and Lightweight Authentication Protocol for Mobile Environment

Due to recent advances in wireless communication, the availability of mobile services has increased significantly. However, due to the open nature of wireless channels, vulnerabilities exploiting these services have increased as well. Thus, it is essential to ensure the legitimacy of both clients and servers and to provide communication confidentiality. To feed this trend, mutual authentication has become a critical security issue in mobile environments. In the past, a large number of authentication protocols have been proposed to provide secure communication and key exchange between parties. However, most of them fail to provide reliable security solutions due to inherent challenges such as the mobility of users, increasing attack vectors, and resource-constrained mobile devices. Thus, developing an efficient authentication protocol for practical mobile device deployment remains challenging. Therefore, we propose a lightweight and secure authentication key exchange protocol for mobile environment able to resist the threats while providing higher operational efficiency. The designed solution is based on Elliptic Curve Cryptography, well known for its short key sizes as well as its reduced storage and transmission requirements. The formal security verification of the proposed scheme has been carried out using the widely used AVIPSA tool. Further, the computational and communicational overhead analysis of the proposed scheme mark its superior performance relative to the current state-of-the-art.