近年來，無線網路的發展越來越熱門，在無線網路環境中，行動用戶可以透過各種無線通訊設備上的網路通訊介面，漫遊於行動網路中，並透過掃描無線頻譜以找出可利用的無線網路資源，而行動設備的移動能力，更可讓行動用戶可以於無線網路間自由的移動。在行動用戶連上基地台以進行通訊前，行動用戶必需與基地台進行通訊認證，而已有許多文獻提出各種於無線通訊網路底下的行動通訊認證。然而，在無線網路之下，對於經常改變位置的行動用戶來說，其必需經常執行換手的動作，對於目前已提出的交談式認證協定，其可能會造成網路連線不穩定，原因是行動用戶可能與附近非法的基地台進行無效認證，造成行動用戶因認證的延遲而不能及時完成換手動作。因此，我們提出一個可讓行動用戶於換手前事先得知基地台合法性的機制，使行動用戶可選擇正確的基地台進行認證以減少與非法基地台進行通訊所可能產生的延遲與各種可能的安全問題。在我們提出的協定中，行動用戶不需與基地台進行交談式的認證，行動用戶只需對無線網路環境進行掃描並接收來自各基地台的認證訊息，即可判定基地台的合法性。我們稱此認證方式為感知認證。此外，我們也提出可讓行動用戶間交換已接收之認證訊息的協力防禦機制。最後，我們亦提出安全證明以說明協定之安全性。

Wireless networks are becoming more and more
popular. In current wireless network environments, mobile users can use multiple wireless network interfaces built in their mobile devices to roam around the mobile networks. They can scan the wireless spectrums and utilize the network resources extremely, and they can roam into nearby wireless networks due to the mobility capabilities of the powerful mobile devices. Before connecting to an access point, an authentication process is necessary. There are many interactive wireless authentication protocols which have been proposed in the literature. Under the wireless networks, handover is an important property for a mobile user to change her/his position. However, the existing interactive wireless authentication protocols may cause unstable connection. This is because that a mobile user may perform failed authentications with some nearby invalid access points and thus she/he cannot finish handover in time. Hence, we would like to design a mechanism for a mobile user to determine the validity of access points before the interactive authentication, and the mobile user can choose a valid one when making handover. In our proposed scheme, the mobile user can just scan and receive authentication messages from access points without interactions with them while she/he can determine which one of them is valid. We call this cognitive authentication. Besides, we also propose cooperative defense which allows mobile users to exchange their received authentication messages for detecting illegal access points. Finally, we provide security proofs for our proposed scheme.

1 Introduction 1
2 Related Works 5
2.1 Review of Zhu-Ma Scheme . . . . . . . . . . . . . . . . . . . . 5
2.1.1 Initial Phase . . . . . . . . . . . . . . . . . . . . . . . . 5
2.1.2 First Phase . . . . . . . . . . . . . . . . . . . . . . . . 7
2.1.3 Second Phase . . . . . . . . . . . . . . . . . . . . . . . 9
2.2 Review of Lee et al.''s Scheme . . . . . . . . . . . . . . . . . . 10
2.2.1 Initial Phase . . . . . . . . . . . . . . . . . . . . . . . . 12
2.2.2 First Phase . . . . . . . . . . . . . . . . . . . . . . . . 12
2.2.3 Second Phase . . . . . . . . . . . . . . . . . . . . . . . 15
2.3 Review of Wu et al.''s Scheme . . . . . . . . . . . . . . . . . . 16
2.3.1 Initial Phase . . . . . . . . . . . . . . . . . . . . . . . . 16
2.3.2 First Phase . . . . . . . . . . . . . . . . . . . . . . . . 17
1
3 The Proposed Cognitive Authentication and Cooperative De-
fense Scheme 20
3.1 The Framework of Our Scheme . . . . . . . . . . . . . . . . . 20
3.2 ID-Based Signature scheme . . . . . . . . . . . . . . . . . . . 23
3.3 Our Proposed Scheme . . . . . . . . . . . . . . . . . . . . . . 24
3.3.1 Initialization Procedure . . . . . . . . . . . . . . . . . 25
3.3.2 Registration Procedure . . . . . . . . . . . . . . . . . . 25
3.3.3 The Procedure of Requesting Time Di erential Signature 26
3.3.4 The Procedure of Broadcasting Authentication Message 27
3.3.5 The Procedure of AP Validity Determination . . . . . 27
4 Security Analysis 32
4.1 Strong Unforgeability . . . . . . . . . . . . . . . . . . . . . . . 32
4.2 Secure Authentication . . . . . . . . . . . . . . . . . . . . . . 34
4.3 Security Proof . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
5 Conclusion 39
Bibliography 40

[1] J. Zhu and J. Ma, "A New Authentication Scheme with Anonymity for
Wireless Environments," IEEE Transactions on Consumer Electronics,
vol. 50, no. 1, pp. 231-235, 2004.
[2] C. C. Lee, M. S. Hwang, and I. E. Liao, "Security Enhancement on a New
Authentication Scheme With Anonymity for Wireless Environments,"
IEEE Transactions on Industrial Electronics, vol. 53, no. 5, pp. 1683-
1687, 2006.
[3] C. C. Wu, W. B. Lee, and W. J. Tsaur, "A Secure Authentication
Scheme with Anonymity for Wireless Communications," IEEE Commu-
nications Letters, vol. 12, no. 10, pp. 722-723, 2008.
[4] S. Machiraju, H. Chen, and J. Bolot, "Distributed Authentication for
Low-Cost Wireless Networks," Proceedings of the 9th Workshop on Mo-
bile Computing Systems and Applications, pp. 55-59, 2008.
[5] A. S. Wander, N. Gura, H. Eberle, V. Gupta, and S. C. Shantz, "Energy
Analysis of Public-Key Cryptography for Wireless Sensor Networks,"
Proceedings of the Third IEEE International Conference on Pervasive
Computing and Communications, pp. 324-328, 2005.
[6] B. Vaidya, J. S. Silva, and J.J.P.C. Rodrigues, "Robust Dynamic User
Authentication Scheme for Wireless Sensor Networks," Proceedings of
the 5th ACM symposium on QoS and security for wireless and mobile
networks, pp. 88-91, 2009.
[7] C. Tang and D. O. Wu, "An E cient Mobile Authentication Scheme for
Wireless Networks," IEEE Transactions on Wireless Communications,
pp. 1408-1416, 2008.
[8] W. B. Lee and C. K. Yeh, "A New Delegation-Based Authentication
Protocol for Use in Portable Communication Systems," IEEE transac-
tions on wireless communications, pp. 57-64, 2005.
[9] C. H. Wang, T. C. Wei, P. C. Lee, and C. C. Wu, "An Improvement of
Secure Authentication Scheme with Full Anonymity for Wireless Com-
munications," Proceedings of the 2nd International Conference on In-
teraction Sciences: Information Technology, Culture and Human, pp.
115-118, 2009.
Network, Special Issue on Mobile Communications, pp. 2634,
1994.
[11] Y. Jiang, C. Lin, X. Shen, and M. Shi, "Mutual Authentication and Key
Exchange Protocols for Roaming Services in Wireless Mobile Networks,"
IEEE Transactions on Wireless Communications, pp. 2569-2577, 2006.
[12] S. Cui, P. Duan, and C. W. Chan, "An cient Identity-Based Signa-
ture Scheme with Batch Veri cations," ACM International Conference
Proceeding Series, vol. 152, no. 22, 2006.
[13] Y. Wei and H. Qiu, "A Novel Wireless AuthenticationProtocol Preserv-
ing User Anonymityand Untraceability," International Conference on
Communication Technology, ICCT ''06, pp. 27-30, 2006.
[14] S. J. Wang, "Anonymous Wireless Authentication on a Portable Cellu-
lar Mobile System," IEEE Transactions on Computers, pp. 1317-1329,
2004.
[15] A. Sui, L. C. K. Hui, Y. Yang and K. P. Chow, "Elliptic Curve Cryptog-
raphy Based Authenticated Key Agreement with Pre-shared Password,"
Journal of Electronics (China), vol. 22, no.3, 2005.
[16] A. Aziz and W. Di e, "Privacy and Authentication for Wireless Local
Area Networks," IEEE Personal Communications, pp. 25-31, 1994.
[17] D. Weinshall, "Cognitive Authentication Schemes Safe Against Spy-
ware," IEEE Symposium on Security and Privacy, pp. 295-300, 2006.
[18] P. Golle and D. Wagner, "Cryptanalysis of a Cognitive Authentication
Scheme," IEEE Symposium on Security and Privacy, pp. 66-70, 2007.
[19] M. Zviran and W. J. Haga, "User Authentication by Cognitive Pass-
words: An Empirical Assessment," Proceedings of the 5th Jerusalem
Conference on Information Technology, pp. 137-144, 1990.
[20] A. Shamir, "Identity-Based Cryptosystems and Signature Schemes,"
Proceedings of CRYPTO 84 on Advances in Cryptology, pp. 47-53, 1985.
[21] K.G. Paterson, "ID-Based Signatures from Pairings on Elliptic Curves,"
Electronics Letters, pp. 1025-1026, 2002.
[22] J. H. Yang and C. C. Chang, "Cryptanalysis of ID-Based Digital Sig-
nature Scheme on Elliptic Curve Cryptosystem," Eighth International
Conference on Intelligent Systems Design and Applications, pp. 3-5,
2008.
[23] Z. Guo, X. He, and B. Xun, "Security Arguments for a Class of ID-Based
Signatures," Second International Conference on the Digital Society, pp.
165-170, 2008.
[24] T. Menon and R.Sindhuja, "ID Based Signature Schemes for Electronic
Voting," Second International Conference on Computer and Electrical
Engineering, pp. 403-406, 2009.
[25] Y. Xinchun, Y. Shuying, O. Funa, and Z. Hailing, "An ID-Based Con-
tent Extraction Signatures without Trusted Party," IEEE Conference
on Industrial Electronics and Applications, pp. 1801-1804, 2010.
[26] Y. Xinchun, Y. Shuying, O. Funa, and Z. Hailing, "Scheme for (t, n)
Threshold Id-Based Signature without a Trusted Dealer," International
Conference on Wavelet Analysis and Pattern Recognition, pp. 1341-
1345, 2007.