Browse > Article
http://dx.doi.org/10.3837/tiis.2016.12.021

An improved Multi-server Authentication Scheme for Distributed Mobile Cloud Computing Services  

Irshad, Azeem (Department of Computer Science & Software Engineering, International Islamic University)
Sher, Muhammad (Department of Computer Science & Software Engineering, International Islamic University)
Ahmad, Hafiz Farooq (College of Computer Sciences and Information Technology (CCSIT), King Faisal University)
Alzahrani, Bander A. (Faculty of Computing & Information Technology, King Abdulaziz University)
Chaudhry, Shehzad Ashraf (Department of Computer Science & Software Engineering, International Islamic University)
Kumar, Rahul (S. S. V. (P.G.) college Hapur)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.10, no.12, 2016 , pp. 5529-5552 More about this Journal
Abstract
Mobile cloud computing (MCC) has revolutionized the way in which the services can be obtained from the cloud service providers. Manifold increase in the number of mobile devices and subscribers in MCC has further enhanced the need of an efficient and robust authentication solution. Earlier, the subscribers could get cloud-computing services from the cloud service providers only after having consulted the trusted third party. Recently, Tsai and Lo has proposed a multi-server authenticated key agreement solution for MCC based on bilinear pairing, to eliminate the trusted third party for mutual authentication. The scheme has been novel as far as the minimization of trusted party involvement in authenticating the user and service provider, is concerned. However, the Tsai and Lo scheme has been found vulnerable to server spoofing attack (misrepresentation attack), de-synchronization attack and denial-of-service attack, which renders the scheme unsuitable for practical deployment in different wireless mobile access networks. Therefore, we have proposed an improved model based on bilinear pairing, countering the identified threats posed to Tsai and Lo scheme. Besides, the proposed work also demonstrates performance evaluation and formal security analysis.
Keywords
Multi-server authentication; mobile cloud computing; trusted third party; attacks; cryptanalysis;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Khan, M. K., & Kumari, S., "An improved biometrics-based remote user authentication scheme with user anonymity," BioMed research international, 2013.
2 Farash, M. S., Turkanovic, M., Kumari, S., & Holbl, M., "An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment," Ad Hoc Networks, 36, 152-176, 2016.   DOI
3 Li, X., Niu, J., Kumari, S., Liao, J., & Liang, W., "An enhancement of a smart card authentication scheme for multi-server architecture," Wireless Personal Communications, 80(1), 175-192, 2015.   DOI
4 Kumari, S., Chaudhry, S. A., Wu, F., Li, X., Farash, M. S., & Khan, M. K., "An improved smart card based authentication scheme for session initiation protocol," Peer-to-Peer Networking and Applications, 1-14, 2015.
5 Boneh, D., Lynn, B., & Shacham, H., "Short signatures from the Weil pairing," in Proc. of Advances in Cryptology-ASIACRYPT 2001 (pp. 514-532). Springer Berlin Heidelberg, 2015.
6 Jin, A. T. B., Ling, D. N. C., & Goh, A., "Biohashing: Two factor authentication featuringfingerprint data and tokenised random number," Pattern Recognition, 37(11), 2245-2255, 2014.   DOI
7 Lumini, A., & Nanni, L., "An improved biohashing for human authentication," Pattern Recognition, 40(3), 1057-1065, 2007.   DOI
8 M. L. Das, A. Saxena, V. P. Gulati, and D. B. Phafstak, "A novel remote user authentication scheme using bilinear pairings," Comput. Security, vol. 25, no. 3, pp. 184-189, May 2006.   DOI
9 M. Burrows, Abadi, M., & Needham, R., "A logic of authentication," ACM Transactions on Computer Systems, 8(1), 18-36, 1990.   DOI
10 M. Burrows, Abadi, M., & Needham, R. M., "A logic of authentication," in Proc. of the Royal Society of London A-Mathematical and Physical Sciences, 233-271, 1989.
11 T. Goriparthia, M. L. Das, and A. Saxena, "An improved bilinear pairing based remote user authentication scheme," Comput. Std. Interfaces, vol. 31, no. 1, pp. 181-185, Jan. 2009.   DOI
12 A. S. Khan Pathan, C. S. Hong, and K. Hee, "Bilinear-pairing-based remote user authentication schemes using smart cards," in Proc. of 3rd Int. Conf. Ubiquitous Inf. Manage. Commun., pp. 356-361, 2009.
13 Han, N. D., Han, L., Tuan, D. M., In, H. P., & Jo, M., "A scheme for data confidentiality in cloud-assisted wireless body area networks," Information sciences, 284, 157-166, 2014.   DOI
14 ABI Research Report, Mobile Cloud Applications. [Online]. Available: http://www.abiresearch.com/research/1003385-Mobile+Cloud+Computing
15 T. H. Chen, H. L. Yeh, and W. K. Shih, "An advanced ECC dynamic ID based remote mutual authentication scheme for cloud computing," in Proc. of 5th FTRA Int. Confe. Multimedia Ubiquitous Eng., pp. 155-159, 2011.
16 H. Sun, Q.Wen, H. Zhang, and Z. Jin, "A novel remote user authentication and key agreement scheme for mobile client-server environment," Appl. Math. Inf. Sci., vol. 7, no. 4, pp. 1365-1374, 2013.   DOI
17 X. F. Qiu, J.W. Liu, and P. C. Zhao, "Secure cloud computing architecture on mobile Internet," in Proc. of 2nd Int. Conf. AIMSEC, pp. 619-622, 2011.
18 N. Fernando, S. W. Loke, and W. Rahayu, "Mobile cloud computing: A survey," Future Gen. Comput. Sys., vol. 29, no. 1, pp. 84-106, Jan. 2013.   DOI
19 G. Le, K. Xu, M. Song, and J. Song, "A survey on research on mobile cloud computing," in Proc. of10th IEEE/ACIS/Int. Conf. Comput. Inf. Sci., pp. 387-392, 2011.
20 W. G. Song and X. L. Su, "Review of mobile cloud computing," in Proc. of IEEE ICCSN, pp. 1-4, 2011.
21 H. Ahn, H. Chang, C. Jang, and E. Choi, "User authentication platform using provisioning in cloud computing environment," in Proc. of ACN CCIS, vol. 199, pp. 132-138, 2011.
22 P. Urien, E. Marie, and C. Kiennert, "An innovative solution for cloud computing authentication: Grids of EAP-TLS smart cards," in Proc. of 5th Int. Conf. Digit. Telecommun., pp. 22-27, 2010.
23 J. L. Tsai, N. W. Lo, and T. C. Wu, "Secure delegation-based authentication protocol for wireless roaming service," IEEE Commun. Lett., vol. 16, no. 7, pp. 1100-1102, Jul. 2012.   DOI
24 H. Chang and E. Choi, "User authentication in cloud computing," in Proc. of UCMA CCIS, vol. 151, pp. 338-342, 2011.
25 Z. Xiao and Y. Xiao, "Security and privacy in cloud computing," IEEE Commun. Surveys Tuts., vol. 15, no. 2, pp. 843-859, Jul. 2012.
26 W. Itani, A. Kayssi, and A. Chehab, "Privacy as a service: Privacy-aware data storage and processing in cloud computing architectures," in Proc. of IEEE Int. Conf. Dependable Auton. Secure Comput., pp. 711-716, 2009.
27 S. Pearson, "Taking account of privacy when designing cloud computing services," in Proc. of CLOUD ICSEWorkshop Softw. Eng. Challenges Cloud Comput., pp. 44-52, 2009.
28 H. Takabi, J. B. D. Joshi, and G. Ahn, "Security and privacy challenges in cloud computing environments," IEEE Security Privacy, vol. 8, no. 6, pp. 24-31, Nov./Dec. 2010.   DOI
29 OpenID Foundation, OpenID Authentication 2.0, 2007. [Online]. Available: http://openid.net/specs/openid-authentication-2_0.html
30 N. Koblitz, "Elliptic curve cryptosystems," Math. Comput., vol. 48, no. 177, pp. 203-209, 1987.   DOI
31 V. Miller, "Use of elliptic curves in cryptography," in Proc. of CRYPTO, pp. 417-426, 1986.
32 "Recommendation for key management-Part 1: General," Gaithersburg, MD, USA, Aug. 2005, Special Publication 800-57.
33 D. Boneh and M. Franklin, "Identity-based encryption from the Weil pairing," in Proc. of Advances in Cryptology-CRYPTO, vol. 2139, LNCS. Berlin, Germany: Springer-Verlag, pp. 213-229, 2001.
34 J. C. Cha and J. H. Cheon, "An identity-based signature from gap Diffie-Hellman groups," in Proc. of Public Key Cryptography PKC, vol. 2139, LNCS. Berlin, Germany: Springer-Verlag, pp. 18-30, 2003.
35 H. Li, Y. Dai, L. Tian, and H. Yang, "Identity-based authentication for cloud computing," in Proc. of CloudCom, pp. 157-166, 2009.
36 H. Z. Du and Q. Y. Wen, "An efficient identity-based short signature scheme from bilinear pairings," in Proc. of Int. Conf. CIS, pp. 725-729, 2007.
37 H. W. Lim and M. Robshaw, "On identity-based cryptography and grid computing," in Proc. of ICCS, pp. 474-477, 2004.
38 H.W. Lim and M. Robshaw, "A dynamic key infrastructure for GRID," in Proc. of EGC, pp. 255-264, 2005.
39 A. Armando et al., "An authentication flaw in browser-based single sign-on protocols: Impact and remediations," Comput. Security, vol. 33, pp. 41-58, Mar. 2013.   DOI
40 W. Mao, "An identity-based non-interactive authentication framework for computational grids," HP Labs, Palo Alto, CA, USA, Tech. Rep. HPL-2004-96, Jun. 2004.
41 V. S. Hughes, "Information hiding, anonymity and privacy a modular approach," J. Comput. Security, vol. 12, no. 1, pp. 3-36, Jan. 2004.   DOI
42 J. L. Tsai, N. W. Lo, and T. C. Wu, "Novel anonymous authentication scheme using smart cards," IEEE Trans. Ind. Informat., vol. 9, no. 4, pp. 2004-2013, Nov. 2013.   DOI
43 J. L. Tsai and N. W. Lo, "A privacy-aware authentication scheme fordistributed mobile cloud computing services,"IEEE Syst. J.,vol.9, no. 3, pp. 805-815, Sep. 2015.   DOI
44 Wu, F., Xu, L., Kumari, S., & Li, X., "A novel and provably secure biometrics-based three-factor remote authentication scheme for mobile client-server networks," Computers & Electrical Engineering, 45, 274-285, 2015.   DOI