Improving the security of the Hwang-Su protocol for mobile networks
The mobile networks are experiencing a growing success. This success is mainly due to the fact that these networks providing the mobility of users, the transmission of data through open air and the requirement of low power. But, it is threatened by weak security, especially at the level of authentication. Hwang and Su have proposed an efficient authentication protocol for mobile networks. This protocol, called Hwang-Su here, is based on the use of one-way hash function, symmetric key cryptosystem and nonce. Hwang-Su protocol consists of two sub-protocols, named intra-domain authentication and inter-domain authentication. If the user and the service provider registered in the same domain, we would use intra-domain authentication protocol. Otherwise, we would initiate inter-domain authentication protocol. In this article, we show that both sub-protocols are not secured. Indeed, any legitimate user can abuse of these rights to attack them. We also propose improvements to increase its security.
Keywords: Authentication, Mobile communication, Cryptography, Security