Provably secure authenticated key agreement scheme for distributed mobile cloud computing services |
| |
| Affiliation: | 1. Department of Electronics, Communication and Computers, Faculty of Engineering, Helwan University, 1, Sherif St., Helwan, P.O.11792, Cairo, Egypt;2. Department of Mathematics, Ch. Charan Singh University, Meerut, Uttar Pradesh 250 005, India;3. Center for Security, Theory and Algorithmic Research, International Institute of Information Technology, Hyderabad 500 032, India;4. Department of Mathematics, Indian Institute of Technology, Kharagpur 721 302, India;5. Department of Computer Science and Engineering, Indian Institute of Information Technology, Chittoor, Sricity, Andhra Pradesh 517 588, India;1. Laboratoire de Méthodes de Conception de Systèmes, Ecole nationale Supérieure d’Informatique, Algiers, Algeria;2. Centre de Recherche sur l’Information Scientifique et Technique, Algiers, Algeria;3. Heudiasyc UMR CNRS 7253, Université de Technologie de Compiègne, Compiègne Cedex, France;4. Center of Excellence in Information Assurance, King Saud University, Riyadh, Saudi Arabia;1. Department of Mathematics, LNM Institute of Information Technology, Jaipur 302 031, India;2. Center for Security, Theory and Algorithmic Research, International Institute of Information Technology, Hyderabad 500 032, India;3. Department of Mathematics, Indian Institute of Technology, Kharagpur 721 302, India |
| |
| Abstract: | With the rapid development of mobile cloud computing, the security becomes a crucial part of communication systems in a distributed mobile cloud computing environment. Recently, in 2015, Tsai and Lo proposed a privacy-aware authentication scheme for distributed mobile cloud computing services. In this paper, we first analyze the Tsai–Lo’s scheme and show that their scheme is vulnerable to server impersonation attack, and thus, their scheme fails to achieve the secure mutual authentication. In addition, we also show that Tsai–Lo’s scheme does not provide the session-key security (SK-security) and strong user credentials’ privacy when ephemeral secret is unexpectedly revealed to the adversary. In order to withstand these security pitfalls found in Tsai–Lo’s scheme, we propose a provably secure authentication scheme for distributed mobile cloud computing services. Through the rigorous security analysis, we show that our scheme achieves SK-security and strong credentials’ privacy and prevents all well-known attacks including the impersonation attack and ephemeral secrets leakage attack. Furthermore, we simulate our scheme for the formal security analysis using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, and show that our scheme is secure against passive and active attacks including the replay and man-in-the-middle attacks. More security functionalities along with reduced computational costs for the mobile users make our scheme more appropriate for the practical applications as compared to Tsai–Lo’s scheme and other related schemes. Finally, to demonstrate the practicality of the scheme, we evaluate the proposed scheme using the broadly-accepted NS-2 network simulator. |
| |
| Keywords: | Cloud computing SK-security Mutual authentication User untraceability AVISPA NS2 simulation |
| 本文献已被 ScienceDirect 等数据库收录! |
|
