Efficient authentication protocol with anonymity and key protection for mobile Internet users.

To preserve user privacy and guarantee data confidentiality on the mobile Internet, it is crucial to secure communication between the mobile devices held by users and a remote server. In real applications, a serious threat against communication security is exposure of secret keys, due to the compromise of the mobile devices storing the key. One method of preserving key exposure is to use protected hardware or smart-cards, but they are costly and impractical. Another method is to utilize secret sharing to share secret key across multiple devices. Nevertheless, secret sharing schemes guarantee security only if the adversary cannot access at least one share in its entirety. In this paper, we present a remote authentication protocol, which resists key exposure. Further, we present a zero-knowledge protocol based on SDH assumption that can achieve anonymity. We formally prove our proposed solution is secure under the decision linear assumption and the qs-mSDH assumption in the random oracle model. Finally, we show our solution can achieve higher efficiency and stronger anonymity comparing with existing schemes, and thus the proposed solution is more suitable for real-world environments.