KSII Transactions on Internet and Information Systems (TIIS)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

An improved Multi-server Authentication Scheme for Distributed Mobile Cloud Computing Services

  • Irshad, Azeem (Department of Computer Science & Software Engineering, International Islamic University) ;
  • Sher, Muhammad (Department of Computer Science & Software Engineering, International Islamic University) ;
  • Ahmad, Hafiz Farooq (College of Computer Sciences and Information Technology (CCSIT), King Faisal University) ;
  • Alzahrani, Bander A. (Faculty of Computing & Information Technology, King Abdulaziz University) ;
  • Chaudhry, Shehzad Ashraf (Department of Computer Science & Software Engineering, International Islamic University) ;
  • Kumar, Rahul (S. S. V. (P.G.) college Hapur)
  • Received : 2016.07.24
  • Accepted : 2016.10.31
  • Published : 2016.12.31
Download PDF
⟨ Previous Next ⟩

Abstract

Mobile cloud computing (MCC) has revolutionized the way in which the services can be obtained from the cloud service providers. Manifold increase in the number of mobile devices and subscribers in MCC has further enhanced the need of an efficient and robust authentication solution. Earlier, the subscribers could get cloud-computing services from the cloud service providers only after having consulted the trusted third party. Recently, Tsai and Lo has proposed a multi-server authenticated key agreement solution for MCC based on bilinear pairing, to eliminate the trusted third party for mutual authentication. The scheme has been novel as far as the minimization of trusted party involvement in authenticating the user and service provider, is concerned. However, the Tsai and Lo scheme has been found vulnerable to server spoofing attack (misrepresentation attack), de-synchronization attack and denial-of-service attack, which renders the scheme unsuitable for practical deployment in different wireless mobile access networks. Therefore, we have proposed an improved model based on bilinear pairing, countering the identified threats posed to Tsai and Lo scheme. Besides, the proposed work also demonstrates performance evaluation and formal security analysis.

Keywords

References

  1. ABI Research Report, Mobile Cloud Applications. [Online]. Available: http://www.abiresearch.com/research/1003385-Mobile+Cloud+Computing
  2. X. F. Qiu, J.W. Liu, and P. C. Zhao, "Secure cloud computing architecture on mobile Internet," in Proc. of 2nd Int. Conf. AIMSEC, pp. 619-622, 2011.
  3. N. Fernando, S. W. Loke, and W. Rahayu, "Mobile cloud computing: A survey," Future Gen. Comput. Sys., vol. 29, no. 1, pp. 84-106, Jan. 2013. https://doi.org/10.1016/j.future.2012.05.023
  4. G. Le, K. Xu, M. Song, and J. Song, "A survey on research on mobile cloud computing," in Proc. of10th IEEE/ACIS/Int. Conf. Comput. Inf. Sci., pp. 387-392, 2011.
  5. W. G. Song and X. L. Su, "Review of mobile cloud computing," in Proc. of IEEE ICCSN, pp. 1-4, 2011.
  6. Han, N. D., Han, L., Tuan, D. M., In, H. P., & Jo, M., "A scheme for data confidentiality in cloud-assisted wireless body area networks," Information sciences, 284, 157-166, 2014. https://doi.org/10.1016/j.ins.2014.03.126
  7. H. Ahn, H. Chang, C. Jang, and E. Choi, "User authentication platform using provisioning in cloud computing environment," in Proc. of ACN CCIS, vol. 199, pp. 132-138, 2011.
  8. P. Urien, E. Marie, and C. Kiennert, "An innovative solution for cloud computing authentication: Grids of EAP-TLS smart cards," in Proc. of 5th Int. Conf. Digit. Telecommun., pp. 22-27, 2010.
  9. J. L. Tsai, N. W. Lo, and T. C. Wu, "Secure delegation-based authentication protocol for wireless roaming service," IEEE Commun. Lett., vol. 16, no. 7, pp. 1100-1102, Jul. 2012. https://doi.org/10.1109/LCOMM.2012.052112.120525
  10. H. Chang and E. Choi, "User authentication in cloud computing," in Proc. of UCMA CCIS, vol. 151, pp. 338-342, 2011.
  11. W. Itani, A. Kayssi, and A. Chehab, "Privacy as a service: Privacy-aware data storage and processing in cloud computing architectures," in Proc. of IEEE Int. Conf. Dependable Auton. Secure Comput., pp. 711-716, 2009.
  12. S. Pearson, "Taking account of privacy when designing cloud computing services," in Proc. of CLOUD ICSEWorkshop Softw. Eng. Challenges Cloud Comput., pp. 44-52, 2009.
  13. H. Takabi, J. B. D. Joshi, and G. Ahn, "Security and privacy challenges in cloud computing environments," IEEE Security Privacy, vol. 8, no. 6, pp. 24-31, Nov./Dec. 2010. https://doi.org/10.1109/MSP.2010.186
  14. Z. Xiao and Y. Xiao, "Security and privacy in cloud computing," IEEE Commun. Surveys Tuts., vol. 15, no. 2, pp. 843-859, Jul. 2012.
  15. OpenID Foundation, OpenID Authentication 2.0, 2007. [Online]. Available: http://openid.net/specs/openid-authentication-2_0.html
  16. N. Koblitz, "Elliptic curve cryptosystems," Math. Comput., vol. 48, no. 177, pp. 203-209, 1987. https://doi.org/10.1090/S0025-5718-1987-0866109-5
  17. V. Miller, "Use of elliptic curves in cryptography," in Proc. of CRYPTO, pp. 417-426, 1986.
  18. "Recommendation for key management-Part 1: General," Gaithersburg, MD, USA, Aug. 2005, Special Publication 800-57.
  19. D. Boneh and M. Franklin, "Identity-based encryption from the Weil pairing," in Proc. of Advances in Cryptology-CRYPTO, vol. 2139, LNCS. Berlin, Germany: Springer-Verlag, pp. 213-229, 2001.
  20. J. C. Cha and J. H. Cheon, "An identity-based signature from gap Diffie-Hellman groups," in Proc. of Public Key Cryptography PKC, vol. 2139, LNCS. Berlin, Germany: Springer-Verlag, pp. 18-30, 2003.
  21. H. Z. Du and Q. Y. Wen, "An efficient identity-based short signature scheme from bilinear pairings," in Proc. of Int. Conf. CIS, pp. 725-729, 2007.
  22. H. W. Lim and M. Robshaw, "On identity-based cryptography and grid computing," in Proc. of ICCS, pp. 474-477, 2004.
  23. H.W. Lim and M. Robshaw, "A dynamic key infrastructure for GRID," in Proc. of EGC, pp. 255-264, 2005.
  24. A. Armando et al., "An authentication flaw in browser-based single sign-on protocols: Impact and remediations," Comput. Security, vol. 33, pp. 41-58, Mar. 2013. https://doi.org/10.1016/j.cose.2012.08.007
  25. W. Mao, "An identity-based non-interactive authentication framework for computational grids," HP Labs, Palo Alto, CA, USA, Tech. Rep. HPL-2004-96, Jun. 2004.
  26. H. Li, Y. Dai, L. Tian, and H. Yang, "Identity-based authentication for cloud computing," in Proc. of CloudCom, pp. 157-166, 2009.
  27. V. S. Hughes, "Information hiding, anonymity and privacy a modular approach," J. Comput. Security, vol. 12, no. 1, pp. 3-36, Jan. 2004. https://doi.org/10.3233/JCS-2004-12102
  28. J. L. Tsai, N. W. Lo, and T. C. Wu, "Novel anonymous authentication scheme using smart cards," IEEE Trans. Ind. Informat., vol. 9, no. 4, pp. 2004-2013, Nov. 2013. https://doi.org/10.1109/TII.2012.2230639
  29. J. L. Tsai and N. W. Lo, "A privacy-aware authentication scheme fordistributed mobile cloud computing services,"IEEE Syst. J.,vol.9, no. 3, pp. 805-815, Sep. 2015. https://doi.org/10.1109/JSYST.2014.2322973
  30. Wu, F., Xu, L., Kumari, S., & Li, X., "A novel and provably secure biometrics-based three-factor remote authentication scheme for mobile client-server networks," Computers & Electrical Engineering, 45, 274-285, 2015. https://doi.org/10.1016/j.compeleceng.2015.02.015
  31. Khan, M. K., & Kumari, S., "An improved biometrics-based remote user authentication scheme with user anonymity," BioMed research international, 2013.
  32. Farash, M. S., Turkanovic, M., Kumari, S., & Holbl, M., "An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment," Ad Hoc Networks, 36, 152-176, 2016. https://doi.org/10.1016/j.adhoc.2015.05.014
  33. Li, X., Niu, J., Kumari, S., Liao, J., & Liang, W., "An enhancement of a smart card authentication scheme for multi-server architecture," Wireless Personal Communications, 80(1), 175-192, 2015. https://doi.org/10.1007/s11277-014-2002-x
  34. Kumari, S., Chaudhry, S. A., Wu, F., Li, X., Farash, M. S., & Khan, M. K., "An improved smart card based authentication scheme for session initiation protocol," Peer-to-Peer Networking and Applications, 1-14, 2015.
  35. Boneh, D., Lynn, B., & Shacham, H., "Short signatures from the Weil pairing," in Proc. of Advances in Cryptology-ASIACRYPT 2001 (pp. 514-532). Springer Berlin Heidelberg, 2015.
  36. Jin, A. T. B., Ling, D. N. C., & Goh, A., "Biohashing: Two factor authentication featuringfingerprint data and tokenised random number," Pattern Recognition, 37(11), 2245-2255, 2014. https://doi.org/10.1016/j.patcog.2004.04.011
  37. Lumini, A., & Nanni, L., "An improved biohashing for human authentication," Pattern Recognition, 40(3), 1057-1065, 2007. https://doi.org/10.1016/j.patcog.2006.05.030
  38. M. Burrows, Abadi, M., & Needham, R., "A logic of authentication," ACM Transactions on Computer Systems, 8(1), 18-36, 1990. https://doi.org/10.1145/77648.77649
  39. M. Burrows, Abadi, M., & Needham, R. M., "A logic of authentication," in Proc. of the Royal Society of London A-Mathematical and Physical Sciences, 233-271, 1989.
  40. M. L. Das, A. Saxena, V. P. Gulati, and D. B. Phafstak, "A novel remote user authentication scheme using bilinear pairings," Comput. Security, vol. 25, no. 3, pp. 184-189, May 2006. https://doi.org/10.1016/j.cose.2005.09.002
  41. T. Goriparthia, M. L. Das, and A. Saxena, "An improved bilinear pairing based remote user authentication scheme," Comput. Std. Interfaces, vol. 31, no. 1, pp. 181-185, Jan. 2009. https://doi.org/10.1016/j.csi.2007.11.016
  42. A. S. Khan Pathan, C. S. Hong, and K. Hee, "Bilinear-pairing-based remote user authentication schemes using smart cards," in Proc. of 3rd Int. Conf. Ubiquitous Inf. Manage. Commun., pp. 356-361, 2009.
  43. T. H. Chen, H. L. Yeh, and W. K. Shih, "An advanced ECC dynamic ID based remote mutual authentication scheme for cloud computing," in Proc. of 5th FTRA Int. Confe. Multimedia Ubiquitous Eng., pp. 155-159, 2011.
  44. H. Sun, Q.Wen, H. Zhang, and Z. Jin, "A novel remote user authentication and key agreement scheme for mobile client-server environment," Appl. Math. Inf. Sci., vol. 7, no. 4, pp. 1365-1374, 2013. https://doi.org/10.12785/amis/070414

Cited by

  1. An improved lightweight multiserver authentication scheme vol.30, pp.17, 2017, https://doi.org/10.1002/dac.3351
  2. An Enhanced Privacy-Aware Authentication Scheme for Distributed Mobile Cloud Computing Services vol.11, pp.12, 2017, https://doi.org/10.3837/tiis.2017.12.026
  3. Efficient Hierarchical Authentication Protocol for Multiserver Architecture vol.2020, pp.None, 2016, https://doi.org/10.1155/2020/2523834
  4. A Resource-Friendly Authentication Protocol for UAV-Based Massive Crowd Management Systems vol.2021, pp.None, 2016, https://doi.org/10.1155/2021/3437373
  5. An Extended Chaotic Map-Based Authentication and Key Agreement Scheme for Multi-Server Environment vol.9, pp.8, 2016, https://doi.org/10.3390/math9080798