行動通訊技術高速發展，行動裝置得以不限時間與地點存取服務。當用戶移動至其他區域時，便透過漫遊服務取得當地網路，並能與其他裝置進行通訊。傳統之漫遊服務具有兩個問題，其一為本籍註冊單位 (Home location register)與客籍註冊單位 (Visitor location register)需事先簽定漫遊協議，使雙方相互認證，方能使用戶漫遊至該地使用通訊服務；其二為客籍註冊單位進行身分鑑別時，皆需向本籍註冊單位詢問裝置之合法性，除了增加訊息流 (Message flow)外，亦增加計算成本。因此本研究基於授權代理結合橢圓曲線密碼學，為漫遊服務設計一個身分鑑別與金鑰交換協定。本方法與過往之研究最大的差異在於裝置得以於未經過認證之區域使用漫遊服務，由認證區域頒發臨時憑證給予行動裝置，當裝置漫遊至未認證區域時，該區域之客籍註冊單位除了驗證臨時憑證以外，亦會委託認證區域協助驗證裝置所計算之代理簽章，以鑑別身分合法性，使裝置得以於相同區域下進行相互鑑別與金鑰交換，保障通訊安全。此方法不但能減少資訊流更能降低裝置漫遊時之計算成本。

In the rapid development of mobile communication technology, network service can be always accessed by mobile in anywhere. When users move to other region, they can access network by using roaming service to communicate with other devices. But there are two problems in the traditional roaming service. One is that the home location register and the visitor location register need cross certification by signing a roaming agreement. And then, users can use communication service through roaming visited region. Another is that the visitor location register must verify the legality of devices from the home location register for authenticating the mobile. This is not only raises the information flow, but also increases the communication cost. Therefore, this study is based on the delegation-base authentication and ECC-based public key cryptosystems. We propose authentication and key exchange protocol for roaming service. The difference between this protocol and previous research is that mobile can use roaming service in the not-cross-certified region. The cross-certified region issues a temporary certificate to the mobile. The visitor location register that from not-cross-certified region will verify temporary certificate, when users roam not-cross-certified region. In addition, they will delegate cross-certified region to assist verifying proxy signature. Hence, users can safely communicate to each other by using authentication and key exchange protocol in visited region. It is not only decreases the communication cost but also reduces message flow.

[1] C.C. Chang, C.Y. Lee, and Y.C. Chiu, "Enhanced Authentication Scheme with Anonymity for Roaming Service in Global Mobility Networks," Computer Communications, vol. 32, no. 4, 2009, pp. 611-618.
[2] C. Chen, D. He, S. Chan, J. Bu, Y. Gao, and R. Fan, "Lightweight and Provably Secure User Authentication with Anonymity for the Global Mobility Network," International Journal of Communication Systems, vol. 24, 2011, pp. 347-362.
[3] W. Diffie, and M.E. Hellman, "New Directions in Cryptography, " IEEE Transactions on Information Theory, vol. 22, no.6, 1976, pp. 644-654.
[4] M. Girault, "Self-certified public keys," Workshop on the Theory and Application of Cryptographic Techniques, Berlin, Heidelberg, 1991, pp. 490-497.
[5] ISO, "Information technology — Open Systems Interconnection— The Directory — Part 2: Models," ISO/IEC 9594-2:2017(en), 2017.
[6] C.L. Jiang, S.L. Wu and K. Gu, "New Kind of Delegation-based Anonymous Authentication Scheme for Wireless Roaming Networks," International Journal of Network Security, vol.20, no. 2, pp. 235-242.
[7] Ν. Koblitz, "Elliptic Curve Cryptosystems, " Mathematics of Computation, vol. 48, 1987, pp. 203-209.
[8] W.B. Lee, and C.K. Yeh, "A New Delegation-based Authentication Protocol for Use in Portable Communication Systems," IEEE Trans. Wireless Commun., vol. 4, no. 1, 2005, pp. 57-64.
[9] T. Lee, S. Chang, T. Hwang, and S. Chong, "Enhanced Delegation-based Authentication Protocol for PCSs," IEEE Transactions on Wireless Communications, vol. 8, no. 5, 2009, pp. 2166-2171.
[10] C.C. Lee, M.S. Hwang and I.E. Liao, "Security Enhancement on a New Authentication Scheme with Anonymity for Wireless Environments," IEEE Transactions on Industrial Electronics, vol. 53, no. 5, 2006,pp. 1683-1687.
[11] M. Mambo, K. Usuda, and E. Okamoto, "Delegation of the Power to Sign Messages," IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences, vol. E79-A, no. 9, 1996, pp. 1338-1353.
[12] V. Miller, "Use of Elliptic Curves in Cryptography, " Proceedings of the 5th Annual International Cryptology Conference—CRYPTO ’85, vol. 218, 1986, pp. 417-426.
[13] NIST FIPS PUB 180, "Secure Hash Standard," National Institute of Standards and Technology, U.S. Department of Commerce, 1993.
[14] A. Shamir, "Identity-based cryptosystems and signature schemes.," Workshop on the theory and application of cryptographic techniques, Berlin, Heidelberg, 1984, pp. 47-53.
[15] C. Tang, and D.O. Wu, "An Efficient Mobile Authentication Scheme for Wireless Networks," IEEE Transactions on Wireless Communications, vol. 7, no. 4, 2008, pp. 1408-1416.
[16] J.L. Tsai, N.W. Lo, and T.C. Wu, "Secure Delegation-Based Authentication Protocol for Wireless Roaming Service," IEEE Communications Letters, vol. 16, no. 7, 2012, pp. 1100-1102.
[17] K.Y. Wu, Y.H. Chuang, T.C. Wu and N.W. Lo, "A Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Network," 2017 International Conference on Soft Computing, Intelligent System and Information Technology (ICSIIT), 2017, pp. 150-154.
[18] Q. Xie, M. Bao, N. Dong, B. Hu, and D. S. Wong, "Secure Mobile User Authentication and Key Agreement Protocol with Privacy Protection in Global Mobility Networks," 2013 International Symposium on Biometrics and Security Technologies, 2013, pp. 124-129.
[19] G. Yang, Q. Huang, D. S. Wong and X. Deng., "Universal Authentication Protocols for Anonymous Wireless Communications," IEEE Transactions on Wireless Communications, vol. 9, no. 1, 2010, pp. 168-174.
[20] C.C. Yang, Y.W. Yang and W.T. Liu, "A Robust Authentication Protocol with Non-Repudiation Service for Integrating WLAN and 3G Network, " Wireless Personal Communications 39, 2006, pp. 229–251.
[21] T.Y. Youn ,and J. Lim, "Improved Delegation-based Authentication Protocol for Secure Roaming Service with Unlinkability," IEEE Communications Letters, vol. 14, no. 9, 2010, pp. 791-793.
[22] T.Y. Youn, Y.H. Park, and J. Lim, "Weaknesses in an Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks," IEEE Communications Letters, vol. 13, no. 7, 2009, pp. 471-473.
[23] J. Zhu and J. Ma, "A New Authentication Scheme with Anonymity for Wireless Environments," IEEE Transactions on Consumer Electronics, vol. 50, no. 1, 2004, pp. 231-235.