Development of a provably secure and privacy-preserving lightweight authentication scheme for roaming services in global mobility network

The accelerated development of Internet of Things services surfaced the way for providing uninterrupted and adaptable smart mobility services for mobile clients to communicate without any zone or time constraints. The global mobility network is an appropriate contender to be adopted as a communication platform to offer roaming services for swift data exchange and fast movement of mobile users in smart mobility. Nevertheless, the confidentiality and secrecy of the exchanged messages have become major concerns due to the insecure nature of the public communication channel. Additionally, it is worth monitoring that enhanced security measures must not increase the burden on limited-powered, small computationally efficient mobile devices. To fulfill these purposes, multiple authentication and key agreement protocols in the context of roaming services have been proposed in recent days. This research demonstrates that most of the previous authentication schemes for the GLOMONET environment have failed to achieve the aforesaid secrecy goals. To satisfy the purposes, this article has proposed a mutual authentication and session key negotiation scheme for roaming services that resists all security susceptibilities and provides essential requirements like anonymity with minimized computation and communication overhead. To support our claim, the security of the proposed scheme is formally verified using the well-known random oracle model and aProVerif simulation tool. Moreover, the implementation of the protocol using the broadly acknowledged NS-2 simulation tool visualizes the practical efficiency of the protocol.