Prosanta Gope and Tzonelih Hwang, National Cheng Kung University, Taiwan, R.O.C

User mobility is a feature that raises many issues related to security. One of them is the disclosure of a mobile user's real identity during the authentication process, or the other procedures specific to global mobile networks (GLOMONET). Such disclosure allows an unauthorized third-party to track the mobile user's movements and current whereabouts. In this article, we address some problems of mutual authentication and key agreement with user anonymity for GLOMONET. Recently, Qi et al. proposed such scheme, which is claimed to be a slight modification of He et al.'s protocol based on smart card. However, we reveal that both the schemes still suffer from certain weaknesses which have been overlooked previously and thus they cannot achieve desired security.

Authentication, Anonymity, Roaming, Privacy, Untraceability, Smart card, Global mobile network.