Abstract
Cloud computing is a state-of-the-art technology using which a resource starved client can access various services from a remote cloud server. Accessing such remote services requires that the client and server authenticate each other and come to agree on a common session key in secure manner. Most of the recent mutual authentication and key agreement protocols use two and three factor smart card and biometric based techniques. However, due to the consequent increase in cost of resources and added operational complexity, one factor authentication schemes are still popular. In this paper a lightweight Elliptic Curve Cryptography based one factor three way mutual authentication and key negotiation scheme between a lightweight client and server is proposed with proven safety.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
CASB. “Cloud Report.” Skyhigh. www.skyhighnetworks.com/cloud-report/. Accessed 10 Apr 2018
Gura, N., Patel, A., Wander, A., Eberle, H., Shantz, S.C.: Comparing elliptic curve cryptography and RSA on 8-bit CPUs. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 119–132. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28632-5_9
Roundup of Cloud Computing Forecasts. https://www.forbes.com/sites/louiscolumbus/2017/04/29/roundup-of-cloud-computing-forecasts-2017/#70ee0b9a31e8. Accessed 10 Apr 2018
The Notorious Nine Cloud Computing Top Threats in 2013. https://cloudsecurityalliance.org/download/the-notorious-nine-cloud-computing-top-threats-in-2013/. Accessed 10 Apr 2018
Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appl. 34(1), 1 (2011)
Khalil, I.M., Khreishah, A., Azeem, M.: Cloud computing security: a survey. Computers 3(1), 1–35 (2014)
Halabi, T., Bellaiche, M.: Towards quantification and evaluation of security of cloud service providers. J. Inf. Secur. Appl. 33, 55–65 (2017)
Kalra, S., Sood, S.K.: Secure authentication scheme for IoT and cloud servers. Pervasive Mob. Comput. 24, 210–223 (2015)
Kumari, S., Li, X., Wu, F., Das, A.K., Choo, K.K.R., Shen, J.: Design of a provably secure biometrics-based multi-cloud-server authentication scheme. Future Gener. Comput. Syst. 68, 320–330 (2017)
Qi, M., Chen, J.: An efficient two party authentication key exchange protocol for mobile environment. Int. J. Commun Syst 30(16), e3341 (2017)
Chen, B.L., Kuo, W.C., Wuu, L.C.: Robust smart-card-based remote user password authentication scheme. Int. J. Commun Syst 27(2), 377–389 (2014)
Chandrakar, P., Om, H.: A secure and robust anonymous three-factor remote user authentication scheme for multi-server environment using ECC. Math. Comput. 110, 26–34 (2017)
Paar, C., Pelzl, J.: Understanding Cryptography: A Textbook for Students and Practitioners. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04101-3
Hankerson, D., Menezes, A.J., Vanstone, S.: Guide to Elliptic Curve Cryptography. Springer, Heidelberg (2006). https://doi.org/10.1007/b97644
Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, Hugh C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986). https://doi.org/10.1007/3-540-39799-X_31
Koblitz, N.: Elliptic curve cryptosystems. Math. Comput. 48(177), 203–209 (1987)
Diffie, W., Van Oorschot, P.C., Wiener, M.J.: Authentication and authenticated key exchanges. Des. Codes Cryptogr. 2(2), 107–125 (1992)
von Oheimb, D.: The high-level protocol specification language HLPSL developed in the EU project AVISPA. In: Proceedings of APPSEM 2005 workshop, pp. 1–17, September 2005
Lafourcade, P., Terrade, V., Vigier, S.: Comparison of cryptographic verification tools dealing with algebraic properties. In: Degano, P., Guttman, Joshua D. (eds.) FAST 2009. LNCS, vol. 5983, pp. 173–185. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-12459-4_13
Basin, D., Mödersheim, S., Vigano, L.: OFMC: a symbolic model checker for security protocols. Int. J. Inf. Secur. 4(3), 181–208 (2005)
Turuani, M.: The CL-Atse protocol analyser. In: Pfenning, F. (ed.) RTA 2006. LNCS, vol. 4098, pp. 277–286. Springer, Heidelberg (2006). https://doi.org/10.1007/11805618_21
Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)
Wander, A.S., Gura, N., Eberle, H., Gupta, V. Shantz, S.C.: Energy analysis of public-key cryptography for wireless sensor networks. In: Third IEEE International Conference on Pervasive Computing and Communications, PerCom 2005, pp. 324–328. IEEE (2005)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Chatterjee, S., Samaddar, S.G. (2019). ECC Based Remote Mutual Authentication Scheme for Resource Constrained Client in Cloud. In: Mandal, J., Mukhopadhyay, S., Dutta, P., Dasgupta, K. (eds) Computational Intelligence, Communications, and Business Analytics. CICBA 2018. Communications in Computer and Information Science, vol 1031. Springer, Singapore. https://doi.org/10.1007/978-981-13-8581-0_30
Download citation
DOI: https://doi.org/10.1007/978-981-13-8581-0_30
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-8580-3
Online ISBN: 978-981-13-8581-0
eBook Packages: Computer ScienceComputer Science (R0)