Shubhangi N. Burde and Hemlata Dakhore, RTMNU University, India

Mobile services are spread throughout the wireless network and are one of the crucial components needed for various applications and services. However, the security of mobile communication has topped the list of concerns for mobile phone users. Confidentiality, Authentication, Integrity and Non-repudiation are required security services for mobile communication. Currently available network security mechanisms are inadequate; hence there is a greater demand to provide a more flexible, reconfigurable, and scalable security mechanism. Traditionally, the security services have been provided by cryptography. Recently, techniques based on elliptic curve cryptography (ECC) have demonstrated the feasibility of providing computer security services efficiently on mobile platforms. Islam and Biswas have proposed a more efficient and secure ID-based system for mobile devices on ECC to enhance security for authentication with key agreement system. They claimed that their system truly is more secure than previous ones and it can resist various attacks. However, it is true because their system is vulnerable to known session-specific temporary information attack, and the other system is denial of service resulting from leaking server's database. Thus, the paper presents an improvement to their system in order to isolate such problems.

Authentication, Dynamic ID, Elliptic curve cryptosystem, Session key.