Skip to Main Content
Lee and Yeh recently presented a delegation-based authentication protocol for portable communication systems (PCSs), which is claimed to provide non-repudiation in on-line authentication. This investigation indicates that their protocol has a weakness in that a malicious visited location register can forge the authentication messages in off-line authentication processes, preventing mobile users from obtaining non-repudiation in such processes. This study also presents an enhanced protocol, which not only has the same security properties as the original protocol but also avoids the weakness in the original scheme and reduces the computational cost.
Date of Publication: May 2009