Table 2. Security comparison of the proposed scheme and other related schemes.
| Property | Yoon | Mun | Lee | Gope | Ahmed | Proposed |
|---|---|---|---|---|---|---|
| Pr1. User information related parameter privacy | O | O | X | O | X | O |
| Pr2. Mobile node anonymity | O | O | O | O | O | O |
| Pr3. Mobile node non-traceability | X | X | O | O | X | O |
| Pr4. Resistance to Mobile node impersonation | O | X | X | O | X | O |
| R1. Resistance to Replay attack | O | X | X | O | O | O |
| R2. Resistance to Privileged insider attack | O | X | O | X | O | O |
| R3. Resistance to Denial of service attack | Δ†1 | X | X | X | Δ†1 | O |
| R4. Resistance to Foreign bypass attack | O | X | O | O | O | O |
| R5. Resistance to Session key derived attack | O | O | O | O | X | O |
| R6. Forward secrecy | X | O | X | X | O | O |
| R7. Free and efficient password policy | X | X | X | O | Δ†2 | O |
| R8. Session key agreement | X | O | O | O | O | O |
| R9. Mutual authentication | O | X | Δ†3 | O | Δ†3 | O |
†1 As only one of the user’s identity or password is checked in the login phase, a partial denial of service attack is possible.
†2 The mobile node can freely set the password, but the identity verification is omitted in the password change phase.
†3 No mutual authentication of the shared session key.