An improved anonymous authentication scheme for distributed mobile cloud computing services

  • Shehzad Ashraf Chaudhry
  • I Luk Kim
  • Seungmin Rho
  • Mohammad Sabzinejad Farash
  • Taeshik Shon


Mobile cloud computing blends mobile and cloud computing with the help of wireless communication technology to achieve benefits for the stakeholders, who include mobile users, mobile service operators and cloud service providers. Implementing mobile cloud computing poses assorted challenges, but security and privacy are the dominant concerns, and several attempts have been made to address them. Because the underlying system is complex and more prone to security threats, strong authentication and privacy-preserving schemes are desired. Three-factor biometrics-based authentication schemes are considered more secure for such large and complex systems. Moreover, computational intelligence is becoming popular for designing more robust and reliable biometrics-based authentication schemes. Very recently, Tsai and Lo proposed an identity-based authentication scheme for distributed mobile cloud computing environments. They claimed to achieve single sign-on authentication for multiple service providers, and they emphasized the usefulness and security of their scheme. However, the analysis in this paper shows that Tsai and Lo's scheme is insecure against a server forgery attack: it is proved that any adversary with knowledge of just the public parameters can impersonate a valid service provider. An improved scheme is then proposed to mitigate this security weakness. The security of the proposed scheme is analysed under the random oracle model as well as with the protocol validation model of the popular automated tool ProVerif.


Mobile cloud computing; Identity based authentication; Bilinear mapping; Elliptic curve cryptography; ProVerif; Random oracle model



Authors would also like to thank Mr. Shahzad Siddique Chaudhry, anonymous reviewers and the guest editors for their valuable and constructive comments.


  1. Zhangjie, F., Xingming, S., Qi, L., Lu, Z., Jiangang, S.: Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE Transact. Commun. 98(1), 190–200 (2015)
  2. Badve, O.P., Gupta, B., Yamaguchi, S., Gou, Z.: Ddos detection and filtering technique in cloud environment using garch model. In: Proceedings of the 2015 IEEE 4th Global Conference on Consumer Electronics (GCCE), pp. 584–586. (2015)
  3. Gupta, B.: Handbook of Research on Modern Cryptographic Solutions for Computer and Cyber Security. IGI Global, Hershey (2016)
  4. Li, J., Li, J., Chen, X., Jia, C., Lou, W.: Identity-based encryption with outsourced revocation in cloud computing. IEEE Transact. Comput. 64(2), 425–437 (2015)
  5. Gupta, B., Badve, O.P.: Taxonomy of dos and ddos attacks and desirable defense mechanism in a cloud computing environment. Neu. Comput. Appl. (2016) doi: 10.1007/s00521-016-2317-5
  6. Ren, Y.J., Shen, J., Wang, J., Han, J., Lee, S.Y.: Mutual verifiable provable data auditing in public cloud storage. J. Int. Technol. 16(2), 317–323 (2015)
  7. Dinh, H.T., Lee, C., Niyato, D., Wang, P.: A survey of mobile cloud computing: architecture, applications, and approaches. Wireless Commun. Mob. Comput. 13(18), 1587–1611 (2013)
  8. Xia, Z., Wang, X., Zhang, L., Qin, Z., Sun, X., Ren, K.: A privacy-preserving and copy-deterrence content-based image retrieval scheme in cloud computing. IEEE Transact. Inf. Foren. Secur. 11(11), 2594–2608 (2016)
  9. Wang, Y., Chen, R., Wang, D.C.: A survey of mobile cloud computing applications: perspectives and challenges. Wirel. Person. Commun. 80(4), 1607–1623 (2015)
  10. Fernando, N., Loke, S.W., Rahayu, W.: Mobile cloud computing: a survey. Future Gen. Comput. Syst. 29(1), 84–106 (2013)
  11. Khan, A.N., Kiah, M.M., Khan, S.U., Madani, S.A.: Towards secure mobile cloud computing: a survey. Futur. Gen. Comput. Syst. 29(5), 1278–1299 (2013)
  12. Alizadeh, M., Baharun, S., Zamani, M., Khodadadi, T., Darvishi, M., Gholizadeh, S., Ahmadi, H.: Anonymity and untraceability assessment of authentication protocols in proxy mobile ipv6. Jurnal Teknologi 72(5), 28 (2015)
  13. Alizadeh, M., Zamani, M., Baharun, S., Hassan, W.H., Khodadadi, T.: Security and privacy criteria to evaluate authentication mechanisms in proxy mobile ipv6. Jurnal Teknologi 72(5), 28 (2015)
  14. Alizadeh, M., Zamani, M., Baharun, S., Manaf, A.A., Sakurai, K., Anada, H., Keshavarz, H., Chaudhry, S.A., Khan, M.K.: Cryptanalysis and improvement of “a secure password authentication mechanism for seamless handover in proxy mobile ipv6 networks”. PloS one 10(11), e0142 (2015)
  15. He, D., Zeadally, S., Kumar, N., Lee, J.H.: Anonymous authentication for wireless body area networks with provable security. IEEE Syst. J. 99, 1–12 (2016)
  16. He, D., Zeadally, S., Wu, L.: Certificateless public auditing scheme for cloud-assisted wireless body area networks. IEEE Syst. J. 99, 1–10 (2015)
  17. Li, J., Liu, Z., Chen, X., Xhafa, F., Tan, X., Wong, D.S.: L-encdb: a lightweight framework for privacy-preserving data queries in cloud computing. Knowl. Based Syst. 79, 18–26 (2015)
  18. Tsai, J.L., Lo, N.W., Wu, T.C.: Secure delegation-based authentication protocol for wireless roaming service. Commun. Lett. IEEE 16(7), 1100–1102 (2012)
  19. Wang, D., He, D., Wang, P., Chu, C.H.: Anonymous two-factor authentication in distributed systems: certain goals are beyond attainment. Dependable and secure computing. IEEE Transact. 12(4), 428–442 (2015)
  20. Wang, D., Wang, P.: On the anonymity of two-factor authentication schemes for wireless sensor networks: attacks, principle and solutions. Comput. Netw. 73, 41–57 (2014)
  21. Wang, D., Wang, P.A.: Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks. Ad. Hoc. Netw. 20, 1–115 (2014)
  22. Xiao, Z., Xiao, Y.: Security and privacy in cloud computing. Commun. Surv. Tutor. IEEE 15(2), 843–859 (2013)
  23. Alizadeh, M., Abolfazli, S., Zamani, M., Baharun, S., Sakurai, K.: Authentication in mobile cloud computing: a survey. J. Netw. Comput. Appl. 61, 59–80 (2016)
  24. Lin, H., Xu, L., Huang, X., Wu, W., Huang, Y.: A trustworthy access control model for mobile cloud computing based on reputation and mechanism design. Ad Hoc Networks 35, 51–64 (2015). doi: 10.1016/j.adhoc.2015.07.007. (Special Issue on Big Data Inspired Data Sensing, Processing and Networking Technologies)
  25. Armando, A., Carbone, R., Compagna, L., Cuéllar, J., Pellegrino, G., Sorniotti, A.: An authentication flaw in browser-based single sign-on protocols: impact and remediations. Comput. Secu. 33, 41–58 (2013)
  26. He, D., Kumar, N., Chilamkurti, N.: A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Inf. Sci. 321, 263–277 (2015)
  27. He, D., Kumar, N., Wang, H., Wang, L., Choo, K.K.R., Vinel, A.: A provably-secure cross-domain handshake scheme with symptoms-matching for mobile healthcare social network. IEEE Transact. Depend. Secure Comput. 1, 99 (2016)
  28. He, D., Zeadally, S.: Authentication protocol for an ambient assisted living system. Commun. Mag. IEEE 53(1), 71–77 (2015)
  29. Tsai, J.L., Lo, N.W.: A privacy-aware authentication scheme for distributed mobile cloud computing services. Syst. J. IEEE 9(3), 805–815 (2015)
  30. Wang, D., Guang, C.: Cryptanalysis of a remote user authentication scheme for mobile client-server environment based on ECC. Inf. Fus. 14(4), 498–503 (2013)
  31. Barker, E., Barker, W., Burr, W., Polk, W., Smid, M.: Recommendation for key management-part 1: general. NIST Spec. Publ. 800, 1–147 (2006)
  32. Koblitz, N.: Elliptic curve cryptosystems. Math. Comput. 48(177), 203–209 (1987)
  33. Miller, V.: Use of elliptic curves in cryptography. In: Proceedings of Advances in Cryptology—CRYPTO’85, pp. 417–426. Springer, Heidelberg (1986)
  34. Du, H., Wen, Q.: An efficient identity-based short signature scheme from bilinear pairings. In: Proceedings of the International Conference on Computational Intelligence and Security, pp. 725–729. IEEE (2007)
  35. Lim, H.W., Robshaw, M.J.: On identity-based cryptography and grid computing. Computational science, pp. 474–477. Springer, Berlin (2004)
  36. Lim, H.W., Robshaw, M.J.A.: A dynamic key infrastructure for grid, pp. 255–264. Springer, Berlin (2005)
  37. Li, H., Dai, Y., Tian, L., Yang, H.: Identity-based authentication for cloud computing, pp. 157–166. Springer, Berlin (2009)
  38. Hughes, D., Shmatikov, V.: Information hiding, anonymity and privacy: a modular approach. J. Comput. Secur. 12(1), 3–36 (2004)
  39. Tsai, J.L., Lo, N.W., Wu, T.C.: Novel anonymous authentication scheme using smart cards. Industrial informatics. IEEE Transact. 9(4), 2004–2013 (2013)
  40. Huang, X., Xiang, Y., Bertino, E., Zhou, J., Xu, L.: Robust multi-factor authentication for fragile communications. Dependable and secure computing. IEEE Transact. 11(6), 568–581 (2014)
  41. Sun, H., Wen, Q., Zhang, H., Jin, Z.: A novel remote user authentication and key agreement scheme for mobile client-server environment. Appl. Math. 7(4), 1365–1374 (2013)
  42. Wang, D., Mei, Y., Ma, C.g., Cui, Z.s.: Comments on an advanced dynamic id-based authentication scheme for cloud computing. In: Proceedings of the Web Information Systems and Mining, pp. 246–253. Springer, Heidelberg (2012)
  43. Yang, X., Huang, X., Liu, J.K.: Efficient handover authentication with user anonymity and untraceability for mobile cloud computing. Futu. Gen. Comput. Syst. 62, 190–195 (2015)
  44. Cao, X., Zhong, S.: Breaking a remote user authentication scheme for multi-server architecture. Commun. Lett. IEEE 10(8), 580–581 (2006)
  45. Dolev, D., Yao, A.C.: On the security of public key protocols. Information theory. IEEE Transact. 29(2), 198–208 (1983)
  46. Eisenbarth, T., Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., Shalmani, M.: On the power of power analysis in the real world: A complete break of the keeloq code hopping scheme. In: Wagner, D. (ed.) Advances in Cryptology, CRYPTO 2008. Lecture Notes in Computer Science, pp. 203–220. Springer, Berlin (2008)
  47. Xie, Q., Dong, N., Wong, D.S., Hu, B.: Cryptanalysis and security enhancement of a robust two-factor authentication and key agreement protocol. Int. J. Commun. Syst. 29, 478–487 (2014)
  48. Chaudhry, S.A., Naqvi, H., Sher, M., Farash, M.S.: An improved and provably secure privacy preserving authentication protocol for sip. Peer Peer Netw. Appl. 10(1), 1–15 (2015)
  49. Goriparthi, T., Das, M.L., Saxena, A.: An improved bilinear pairing based remote user authentication scheme. Comput. Stand. Interf. 31(1), 181–185 (2009)
  50. De Caro, A., Iovino, V.: jpbc: Java pairing based cryptography. In: Proceedings of the 16th IEEE Symposium on Computers and Communications, ISCC 2011, pp. 850–855. IEEE, Kerkyra, Corfu, Greece, 28 June–1 July 2011
  51. Java pairing based cryptography (jpbc). (2015). Accessed 7 Aug 2015

Copyright information

© Springer Science+Business Media, LLC 2017

Authors and Affiliations

  • Shehzad Ashraf Chaudhry (1)
  • I Luk Kim (2)
  • Seungmin Rho (3)
  • Mohammad Sabzinejad Farash (4)
  • Taeshik Shon (5)

  1. Department of Computer Science & Software Engineering, International Islamic University, Islamabad, Pakistan
  2. Department of Computer Science, Purdue University, West Lafayette, USA
  3. Department of Multimedia, Sungkyul University, Anyang-si, Republic of Korea
  4. Faculty of Mathematical Sciences and Computer, Kharazmi University, Tehran, Iran
  5. Division of Information and Computer Engineering, College of Information Technology, Ajou University, Suwon, Korea
