Efficient user authentication protocol for distributed multimedia mobile cloud environment

The rapid growth of smart-phone users, mobile services and mobile applications, poses the challenges of storage space, processing capability, and battery lifetime at the users smart phones. Mobile cloud computing helps to overcome these challenges. Presently, when a mobile user wants to subscribe to various Multimedia based cloud service providers (MBCSPs), he/she need to register separately for each of MBCSP. Although one can use single sign-on methods, they are unreliable due to the presence of any untrusted server. Hence, we propose a three-factor mobile user authentication protocol for Distributed Multimedia based cloud services. Our proposed method consists of strong authentication between the mobile user and multimedia-based cloud service providers using session key agreement, choice-based MBCSPs registration, initial mobile user identity registration checking, time of validity for secret key issued by Registration center (RC) to mobile user and time of validity for secret key issued by RC to MBCSPs respectively. We have verified our protocol with various attack scenarios using informal analysis, formal proof using BurrowsAbadiNeedham (BAN) logic and formal security analysis using Automated Validation of Internet Security Protocols and Applications tool (AVISPA) respectively. Our proposed protocol provides better performance and foolproof security.

[1]  Chong Luo,et al.  Multimedia Cloud Computing , 2011, IEEE Signal Processing Magazine.

[2]  Muhammad Khurram Khan,et al.  A more secure and privacy-aware anonymous user authentication scheme for distributed mobile cloud computing environments , 2016, Secur. Commun. Networks.

[3]  Chun-Ta Li,et al.  An efficient biometrics-based remote user authentication scheme using smart cards , 2010, J. Netw. Comput. Appl..

[4]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[5]  Rajkumar Buyya,et al.  Augmentation Techniques for Mobile Cloud Computing , 2018, ACM Comput. Surv..

[6]  Peilin Hong,et al.  A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture , 2012, J. Comput. Syst. Sci..

[7]  Christof Paar,et al.  On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoqCode Hopping Scheme , 2008, CRYPTO.

[8]  Xiong Li,et al.  Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards , 2011, J. Netw. Comput. Appl..

[9]  Meng Chang Chen,et al.  An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics , 2014, Expert Syst. Appl..

[10]  Jia-Lun Tsai,et al.  A Privacy-Aware Authentication Scheme for Distributed Mobile Cloud Computing Services , 2015, IEEE Systems Journal.

[11]  Shashikala Tapaswi,et al.  Robust Smart Card Authentication Scheme for Multi-server Architecture , 2013, Wireless Personal Communications.

[12]  Jian Ma,et al.  A novel smart card and dynamic ID based remote user authentication scheme for multi-server environments , 2013, Math. Comput. Model..

[13]  Qin Liu,et al.  Provably secure anonymous three-factor authentication scheme for multi-server environments , 2019, J. Ambient Intell. Humaniz. Comput..

[14]  Bin Wang,et al.  A Smart Card Based Efficient and Secured Multi-Server Authentication Scheme , 2012, Wireless Personal Communications.

[15]  Shehzad Ashraf Chaudhry A secure biometric based multi-server authentication scheme for social multimedia networks , 2016, Multimedia Tools and Applications.

[16]  Seungmin Rho,et al.  An improved anonymous authentication scheme for distributed mobile cloud computing services , 2017, Cluster Computing.

[17]  Debiao He,et al.  Robust Biometrics-Based Authentication Scheme for Multiserver Environment , 2015, IEEE Systems Journal.

[18]  Kuldip Singh,et al.  A secure dynamic identity based authentication protocol for multi-server architecture , 2011, J. Netw. Comput. Appl..

[19]  Yevgeniy Dodis,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, EUROCRYPT.

[20]  Yang Liu,et al.  A machine learning-based scheme for the security analysis of authentication and key agreement protocols , 2018, Neural Computing and Applications.

[21]  Tatsuaki Okamoto,et al.  Secure Integration of Asymmetric and Symmetric Encryption Schemes , 1999, CRYPTO.

[22]  Debiao He,et al.  Security Flaws in a Smart Card Based Authentication Scheme for Multi-server Environment , 2012, Wireless Personal Communications.

[23]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[24]  LiLixiang,et al.  A biometrics and smart cards-based authentication scheme for multi-server environments , 2015 .

[25]  Piotr Nawrocki,et al.  Adaptive Service Management in Mobile Cloud Computing by Means of Supervised and Reinforcement Learning , 2017, Journal of Network and Systems Management.

[26]  Xiao Zhang,et al.  Cryptanalysis and Improvement of a Biometric-Based Multi-Server Authentication and Key Agreement Scheme , 2016, PloS one.

[27]  Cheng-Chi Lee,et al.  A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards , 2011, Expert Syst. Appl..

[28]  Ruhul Amin,et al.  Design and Analysis of Bilinear Pairing Based Mutual Authentication and Key Agreement Protocol Usable in Multi-server Environment , 2015, Wireless Personal Communications.

[29]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[30]  Lixiang Li,et al.  A biometrics and smart cards-based authentication scheme for multi-server environments , 2015, Secur. Commun. Networks.

[31]  Athanasios V. Vasilakos,et al.  On the Design of Provably Secure Lightweight Remote User Authentication Scheme for Mobile Cloud Computing Services , 2017, IEEE Access.

[32]  Yingjiu Li,et al.  Cryptanalysis of Hsiang-Shih's authentication scheme for multi-server architecture , 2011, Int. J. Commun. Syst..

[33]  Eun-Jun Yoon,et al.  Design of Mutually Authenticated Key Agreement Protocol Resistant to Impersonation Attacks for Multi-Server Environment , 2017, IEEE Access.

[34]  Jianfeng Ma,et al.  On the Security of a Privacy-Aware Authentication Scheme for Distributed Mobile Cloud Computing Services , 2018, IEEE Systems Journal.

[35]  Jenq-Shiou Leu,et al.  An anonymous mobile user authentication protocol using self-certified public keys based on multi-server architectures , 2014, The Journal of Supercomputing.

[36]  Jian Ma,et al.  An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards , 2012, J. Netw. Comput. Appl..

[37]  Wei Liang,et al.  An Enhancement of a Smart Card Authentication Scheme for Multi-server Architecture , 2015, Wirel. Pers. Commun..

[38]  Anil Kumar Dudyala,et al.  Bank note authentication using decision tree rules and machine learning techniques , 2015, 2015 International Conference on Advances in Computer Engineering and Applications.

[39]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[40]  Gunasekaran Manogaran,et al.  An efficient anonymous mutual authentication technique for providing secure communication in mobile cloud computing for smart city applications , 2019, Sustainable Cities and Society.

[41]  Shuenn-Shyang Wang,et al.  A secure dynamic ID based remote user authentication scheme for multi-server environment , 2009, Comput. Stand. Interfaces.

[42]  Wei-Kuan Shih,et al.  Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment , 2009, Comput. Stand. Interfaces.

[43]  Sourav Mukhopadhyay,et al.  A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards , 2014, Expert Syst. Appl..

[44]  Moni Naor,et al.  Universal one-way hash functions and their cryptographic applications , 1989, STOC '89.

[45]  Jian Shen,et al.  Efficient Privacy-Aware Authentication Scheme for Mobile Cloud Computing Services , 2018, IEEE Systems Journal.

[46]  Yixian Yang,et al.  Robust Biometrics Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards , 2015, PloS one.

[47]  Vanga Odelu,et al.  A Secure Biometrics-Based Multi-Server Authentication Protocol Using Smart Cards , 2015, IEEE Transactions on Information Forensics and Security.