AEP-PPA: An anonymous, efficient and provably-secure privacy-preserving authentication protocol for mobile services in smart cities

Mobile devices are an integral part of our society, although ensuring the security and privacy of both data-at-rest and data-in-transit remains topics of ongoing interest. Privacy-preserving authentication (PPA) protocols for mobile services is a promising cryptographic approach to provide authentication and privacy preservation features, despite the limitations in a number of existing PPA protocols (e.g. higher computation overhead, and security weaknesses). Thus, in this paper, we present a PPA protocol for mobile services and demonstrate that the proposed protocol supports the level of security and privacy required in the typical mobile service application. We prove the security of the protocol in the random oracle model. We also present a comparative summary of the efficiency of the proposed protocol and three other competing protocols, which demonstrates that the proposed PPA protocol has less computation and communication overheads. This also suggests the potential for the proposed protocol to be deployed in mobile service applications for smart cities.