A clogging resistant secure authentication scheme for fog computing services

Abstract Fog computing (FC) is an infrastructure consisting of decentralized computing, where computing resources such as storage, applications, and data are scattered among the cloud and data source. Fog computing inherits similar privacy and security concerns present in cloud computing, such as authentication and key management issues. Recently, Wazid et al. presented a scheme of authentication key exchange for fog computing called SAKA-FC to address these issues. We analyzed and identified that the SAKA-FC suffers from some severe vulnerabilities. Furthermore, we presented an improved scheme to mitigate these problems while retaining its strengths. The formal security analysis of the proposed scheme is validated through BAN logic. At the same time, the AVISPA tool is employed for automated formal security verification. Informal security analysis is conducted to attest that the proposal can confront the known attacks. Using computation and communication costs as the metrics, the proposed scheme is also compared with some state-of-the-art schemes. The proposed scheme achieves the same communication cost as of SAKA-FC, whereas the difference in computation cost is 24%. This increase in computation cost is justifiable as the proposal is resistant to clogging attacks and provides better security than the prior schemes.

[1]  C. Siva Ram Murthy,et al.  Topology Control in Fog Computing Enabled IoT Networks for Smart Cities , 2020, Comput. Networks.

[2]  Mu-En Wu,et al.  A secure authenticated and key exchange scheme for fog computing , 2020, Enterp. Inf. Syst..

[3]  Hugo Krawczyk,et al.  Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels , 2001, EUROCRYPT.

[4]  Zhihua Xia,et al.  A Privacy-Preserving and Copy-Deterrence Content-Based Image Retrieval Scheme in Cloud Computing , 2016, IEEE Transactions on Information Forensics and Security.

[5]  Arwa Alrawais,et al.  An Attribute-Based Encryption Scheme to Secure Fog Communications , 2017, IEEE Access.

[6]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[7]  Sebastian Mödersheim,et al.  The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications , 2005, CAV.

[8]  Mohsen Guizani,et al.  Edge Computing in the Industrial Internet of Things Environment: Software-Defined-Networks-Based Edge-Cloud Interplay , 2018, IEEE Communications Magazine.

[9]  Gustavo Caiza,et al.  Fog computing at industrial level, architecture, latency, energy, and security: A review , 2020, Heliyon.

[10]  Burak Kantarci,et al.  Self Organizing Feature Map for Fake Task Attack Modelling in Mobile Crowdsensing , 2019, 2019 IEEE Global Communications Conference (GLOBECOM).

[11]  Dushantha Nalin K. Jayakody,et al.  SDN-Based Secure and Privacy-Preserving Scheme for Vehicular Networks: A 5G Perspective , 2019, IEEE Transactions on Vehicular Technology.

[12]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[13]  Swapnoneel Roy,et al.  Cryptanalysis and Improvement of ECC Based Authentication and Key Exchanging Protocols , 2017, Cryptogr..

[14]  Fadi Al-Turjman,et al.  Fog computing for sustainable smart cities in the IoT era: Caching techniques and enabling technologies - an overview , 2020, Sustainable Cities and Society.

[15]  Zoltán Ádám Mann,et al.  Classification of optimization problems in fog computing , 2020, Future Gener. Comput. Syst..

[16]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[17]  Sidi-Mohammed Senouci,et al.  A two-way trust management system for fog computing , 2020, Future Gener. Comput. Syst..

[18]  Nikil D. Dutt,et al.  HiCH: Hierarchical Fog-Assisted Computing Architecture for Healthcare IoT , 2017, ACM Trans. Embed. Comput. Syst..

[19]  Thar Baker,et al.  A Mechanism for Securing IoT-enabled Applications at the Fog Layer , 2019, J. Sens. Actuator Networks.

[20]  Albert Y. Zomaya,et al.  A Hybrid Deep Learning-Based Model for Anomaly Detection in Cloud Datacenter Networks , 2019, IEEE Transactions on Network and Service Management.

[21]  Seungmin Rho,et al.  An improved anonymous authentication scheme for distributed mobile cloud computing services , 2017, Cluster Computing.

[22]  Tie Qiu,et al.  Security and Privacy Preservation Scheme of Face Identification and Resolution Framework Using Fog Computing in Internet of Things , 2017, IEEE Internet of Things Journal.

[23]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[24]  Christof Paar,et al.  On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoqCode Hopping Scheme , 2008, CRYPTO.

[25]  Musheer Ahmad,et al.  PALK: Password-based anonymous lightweight key agreement framework for smart grid , 2020 .

[26]  Fadi Al-Turjman,et al.  Securing Demand Response Management: A Certificate-Based Access Control in Smart Grid Edge Computing Infrastructure , 2020, IEEE Access.

[27]  Rolf Oppliger,et al.  Protecting Key Exchange and Management Protocols Against Resource Clogging Attacks , 1999, Communications and Multimedia Security.

[28]  Shehzad Ashraf Chaudhry Correcting “PALK: Password-based anonymous lightweight key agreement framework for smart grid” , 2021 .

[29]  Debasis Giri,et al.  A robust authentication and access control protocol for securing wireless healthcare sensor networks , 2020, J. Inf. Secur. Appl..

[30]  Kristin E. Lauter,et al.  Stronger Security of Authenticated Key Exchange , 2006, ProvSec.

[31]  Arif Ur Rahman,et al.  Security and key management in IoT‐based wireless sensor networks: An authentication protocol using symmetric key , 2019, Int. J. Commun. Syst..

[32]  Zeeshan Ali,et al.  Securing Smart City Surveillance: A Lightweight Authentication Mechanism for Unmanned Vehicles , 2020, IEEE Access.

[33]  Tao Zhang,et al.  Fog and IoT: An Overview of Research Opportunities , 2016, IEEE Internet of Things Journal.

[34]  Mohammad S. Obaidat,et al.  Edge Computing-Based Security Framework for Big Data Analytics in VANETs , 2019, IEEE Network.

[35]  Kim-Kwang Raymond Choo,et al.  An Efficient and Provably Secure Authenticated Key Agreement Protocol for Fog-Based Vehicular Ad-Hoc Networks , 2019, IEEE Internet of Things Journal.

[36]  Thar Baker,et al.  Improving fog computing performance via Fog-2-Fog collaboration , 2019, Future Gener. Comput. Syst..

[37]  Debasis Das,et al.  CFSec: Password based secure communication protocol in cloud-fog environment , 2020, J. Parallel Distributed Comput..

[38]  Prosanta Gope,et al.  LAAP: Lightweight anonymous authentication protocol for D2D-Aided fog computing paradigm , 2019, Comput. Secur..

[39]  Keke Gai,et al.  Intelligent security and optimization in Edge/Fog Computing , 2020, Future Gener. Comput. Syst..

[40]  Donghyun Kim,et al.  On security and privacy issues of fog computing supported Internet of Things environment , 2015, 2015 6th International Conference on the Network of the Future (NOF).

[41]  Athanasios V. Vasilakos,et al.  Design of secure key management and user authentication scheme for fog computing services , 2019, Future Gener. Comput. Syst..

[42]  Robert Barton,et al.  Fog Computing Conceptual Model , 2018 .

[43]  Thar Baker,et al.  A secure fog‐based platform for SCADA‐based IoT critical infrastructure , 2020, Softw. Pract. Exp..

[44]  Heejo Lee,et al.  On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets , 2001, SIGCOMM 2001.

[45]  Fadi Al-Turjman,et al.  Correcting design flaws: An improved and cloud assisted key agreement scheme in cyber physical systems , 2020, Comput. Commun..