A new secure authentication scheme for cloud computing environment

Cloud computing is an emerging computing area that allows on‐demand, scalable, flexible, and low‐cost services to the users. In cloud computing, access control and security are two major problems. In this paper, a novel authentication scheme using Chebyshev chaotic maps has been presented. The proposed model satisfies many security factors, such as scalability of login, mutual authentication, freedom of password change, two‐factor security, and forward security. Two‐factor security is a method that requires two credentials for authentication, where the first factor may be something that users know and the second factor may be something that users have. Forward security assures the confidentiality of the user's session key, even if the private key of the server is compromised. In addition, the proposed scheme provides users with untraceability and anonymity, which means that any kind of adversary neither gets the identities of users or servers nor link several sessions with a user or server. The proposed model is secured under the computational Diffie–Hellman assumption of Chebyshev polynomials in the random oracle model. Moreover, security and performance analysis show that the proposed scheme can resist different security attacks in cloud computing environment and it is better than existing schemes. Copyright © 2016 John Wiley & Sons, Ltd.

[1]  Ueli Maurer,et al.  Towards the Equivalence of Breaking the Diffie-Hellman Protocol and Computing Discrete Logarithms , 1994, CRYPTO.

[2]  Xiaoping Wu,et al.  Cloud Computing System Based on Trusted Computing Platform , 2010, 2010 International Conference on Intelligent Computation Technology and Automation.

[3]  Shashikala Tapaswi,et al.  Enhanced Time-Bound Ticket-Based Mutual Authentication Scheme for Cloud Computing , 2013, Informatica.

[4]  T. S. Raghu,et al.  The Information Assurance Practices of Cloud Computing Vendors , 2010, IT Professional.

[5]  Robert H. Deng,et al.  Variations of Diffie-Hellman Problem , 2003, ICICS.

[6]  Slawomir Grzonkowski,et al.  Sharing cloud services: user authentication for social enhancement of home networking , 2011, IEEE Transactions on Consumer Electronics.

[7]  Xiaofeng Liao,et al.  A novel key agreement protocol based on chaotic maps , 2007, Inf. Sci..

[8]  Cong Wang,et al.  Toward Secure and Dependable Storage Services in Cloud Computing , 2012, IEEE Transactions on Services Computing.

[9]  Yan-yan Wang,et al.  A more efficient and secure dynamic ID-based remote user authentication scheme , 2009, Comput. Commun..

[10]  Kenli Li,et al.  Scheduling Precedence Constrained Stochastic Tasks on Heterogeneous Cluster Systems , 2015, IEEE Transactions on Computers.

[11]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[12]  Sirma Yavuz,et al.  Designing chaotic S-boxes based on time-delay chaotic system , 2013 .

[13]  Ali Kanso,et al.  Keyed hash function based on a chaotic map , 2012, Inf. Sci..

[14]  Marjory S. Blumenthal,et al.  Hide and Seek in the Cloud , 2010, IEEE Security & Privacy.

[15]  Abhishek Majumder,et al.  Taxonomy and Classification of Access Control Models for Cloud Environments , 2014 .

[16]  Amit K. Awasthi,et al.  An enhanced remote user authentication scheme using smart cards , 2004, IEEE Transactions on Consumer Electronics.

[17]  Ashutosh Saxena,et al.  A dynamic ID-based remote user authentication scheme , 2004, IEEE Transactions on Consumer Electronics.

[18]  Dongho Won,et al.  Security Weaknesses of Dynamic ID-based Remote User Authentication Protocol , 2009 .

[19]  David Pointcheval,et al.  Password-Based Authenticated Key Exchange in the Three-Party Setting , 2005, Public Key Cryptography.

[20]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.

[21]  Takeshi Koshiba,et al.  More on Security of Public-Key Cryptosystems Based on Chebyshev Polynomials , 2007, IEEE Transactions on Circuits and Systems II: Express Briefs.

[22]  Ljupco Kocarev,et al.  Public-key encryption based on Chebyshev maps , 2003, Proceedings of the 2003 International Symposium on Circuits and Systems, 2003. ISCAS '03..

[23]  M. Tech,et al.  Privacy Preserving Data Sharing With Anonymous ID Assignment , 2015 .

[24]  R. C. Mittal,et al.  Dynamic ID-based remote user password authentication schemes using smart cards: A review , 2012, J. Netw. Comput. Appl..

[25]  Kwok-Wo Wong,et al.  A combined chaotic cryptographic and hashing scheme , 2003 .

[26]  Abhishek Majumder,et al.  Profile based access control model in cloud computing environment , 2014, 2014 International Conference on Green Computing Communication and Electrical Engineering (ICGCCEE).

[27]  Hyotaek Lim,et al.  Two Factor Authentication for Cloud Computing , 2010, J. Inform. and Commun. Convergence Engineering.

[28]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[29]  Kenli Li,et al.  A Profit Maximization Scheme with Guaranteed Quality of Service in Cloud Computing , 2015, IEEE Transactions on Computers.

[30]  Eun-Jun Yoon,et al.  A New Key Agreement Protocol Based on Chaotic Maps , 2008, KES-AMSTA.

[31]  Toshiya Itoh,et al.  An ID-based cryptosystem based on the discrete logarithm problem , 1989, IEEE J. Sel. Areas Commun..

[32]  Tzonelih Hwang,et al.  Identity-based conference key broadcast systems , 1994 .

[33]  Antonio Puliafito,et al.  Security and Cloud Computing: InterCloud Identity Management Infrastructure , 2010, 2010 19th IEEE International Workshops on Enabling Technologies: Infrastructures for Collaborative Enterprises.

[34]  Min-Shiang Hwang,et al.  A new remote user authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..

[35]  Kenli Li,et al.  Hadoop Recognition of Biomedical Named Entity Using Conditional Random Fields , 2015, IEEE Transactions on Parallel and Distributed Systems.

[36]  Juan Qu,et al.  An Improved Dynamic ID-Based Remote User Authentication with Key Agreement Scheme , 2013, J. Electr. Comput. Eng..

[37]  Xiaomin Wang,et al.  Secure chaotic system with application to chaotic ciphers , 2013, Inf. Sci..

[38]  Kenli Li,et al.  Energy-Efficient Stochastic Task Scheduling on Heterogeneous Computing Systems , 2014, IEEE Transactions on Parallel and Distributed Systems.

[39]  Victor Shoup,et al.  Session Key Distribution Using Smart Cards , 1996, EUROCRYPT.

[40]  Kenli Li,et al.  A secure and efficient file protecting system based on SHA3 and parallel AES , 2016, Parallel Comput..

[41]  Yuqing Zhang,et al.  Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the Cloud , 2013, IEEE Transactions on Parallel and Distributed Systems.

[42]  Kenli Li,et al.  Strategy Configurations of Multiple Users Competition for Cloud Service Reservation , 2016, IEEE Transactions on Parallel and Distributed Systems.

[43]  C. Yeun,et al.  Cloud computing security management , 2010, 2010 Second International Conference on Engineering System Management and Applications.

[44]  Mihir Bellare,et al.  Provably secure session key distribution: the three party case , 1995, STOC '95.

[45]  Nenghai Yu,et al.  A Time-Bound Ticket-Based Mutual Authentication Scheme for Cloud Computing , 2011, Int. J. Comput. Commun. Control.

[46]  Eun-Jun Yoon,et al.  Improvement of an Efficient User Identification Scheme Based on ID-Based Cryptosystem , 2005, EUC Workshops.

[47]  Renfa Li,et al.  On the Complexity of Authorization of Temporal RBAC in Cloud Computing Service , 2013, 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications.