A Lightweight and Privacy-Preserving Authentication Protocol for Mobile Edge Computing

With the advent of the Internet-of-Things (IoT), vehicular networks and cyber-physical systems, the need for real-time data processing and analysis has emerged as an essential pre-requite for customers' satisfaction. In this direction, Mobile Edge Computing (MEC) provides seamless services with reduced latency, enhanced mobility, and improved location awareness. Since MEC has evolved from Cloud Computing, it inherited numerous security and privacy issues from the latter. Further, decentralized architectures and diversified deployment environments used in MEC platforms also aggravate the problem; causing great concerns for the research fraternity. Thus, in this paper, we propose an efficient and lightweight mutual authentication protocol for MEC environments; based on Elliptic Curve Cryptography (ECC), one-way hash functions and concatenation operations. The designed protocol also leverages the advantages of discrete logarithm problems, computational Diffie-Hellman, random numbers and time-stamps to resist various attacks namely-impersonation attacks, replay attacks, man-in-the-middle attacks, etc. The paper also presents a comparative assessment of the proposed scheme relative to the current state-of-the-art schemes. The obtained results demonstrate that the proposed scheme incurs relatively less communication and computational overheads, and is appropriate to be adopted in resource constraint MEC environments.Comment: To appear in IEEE GLOBECOM 201

An Effective Authentication Scheme for Distributed Mobile Cloud Computing Services using a Single Private Key

Mobile cloud computing comprises of cloud computing, mobile computing and wireless network. Providing secure and convenience for the mobile users to access multiple cloud computing services is essential. This paper furnish an effective way of providing the authentication for the mobile users to access multiple cloud computing services. The proposed scheme outfit a secure and expediency for mobile users to access several cloud computing services from multiple service providers using a single private key. Our proposed scheme is based on bilinear pairing cryptosystem. In addition, the scheme also supports mutual authentication, key exchange, user anonymity. To overcome the vulnerabilities of traditional methods, from system implementation point of view, the proposed scheme eliminates the usage of verification tables that are required to store the user credentials(user ID and password) which are the part of smart card generator service and cloud computing service provider

An efficient and provably secure authenticated key agreement scheme for mobile edge computing

Though Mobile Cloud Computing (MCC) and Mobile Edge Computing (MEC) technologies have brought more convenience to mobile services over past few years, but security concerns like mutual authentication, user anonymity, user untraceability, etc., have yet remained unresolved. In recent years, many efforts have been made to design security protocols in the context of MCC and MEC, but most of them are prone to security threats. In this paper, we analyze Jia et al.’s scheme, one of the latest authentication protocols for MEC environment and we show this scheme is vulnerable to user impersonation and ephemeral secret leakage attacks. Further, we demonstrate that the aforementioned attacks can be similarly applied to Li et al.’s scheme which recently derived from Jia et al.’s protocol. In this paper, we propose a provably secure authenticated key agreement protocol on the basis of Jia et al.’s scheme that not only withstands security weaknesses of it, but also offers low computational and communicational costs compared to the other related schemes. As a formal security proof, we simulate our scheme with widely used AVISPA tool. Moreover, we show the scalability and practicality of our scheme in a MEC environment through NS-3 simulation

Private Authentication: Optimal Information Theoretic Schemes

The main security service in the connected world of cyber physical systems necessitates to authenticate a large number of nodes privately. In this paper, the private authentication problem is considered, that consists of a certificate authority, a verifier, many legitimate users (prover) and any arbitrary number of illegitimate users. Each legitimate user wants to be authenticated (using his personal key) by the verifier, while simultaneously wants to stay completely anonymous (even to the verifier and the CA). On the other hand, an illegitimate user must fail to authenticate himself. We analyze this problem from an information theoretical perspective. First, we propose a general interactive information-theoretic model for the problem. As a metric to measure the reliability, we consider the authentication key rate whose rate maximization has a trade-off with establishing privacy. Then, we analyze the problem in two different regimes: finite size regime (i.e., the variables are elements of a finite field) and asymptotic regime (i.e., the variables are considered to have large enough length). For both regimes, we propose schemes that satisfy the completeness, soundness and privacy properties. In finite size regime, the idea is to generate the authentication keys according to a secret sharing scheme. In asymptotic regime, we use a random binning based scheme which relies on the joint typicality to generate the authentication keys. Moreover, providing the converse proof, we show that our scheme achieves capacity in the asymptotic regime. For finite size regime our scheme achieves capacity for large field size.Comment: 15 pages, 3 figure

Authentication in mobile cloud computing by combining the tow factor Authentication and one time password token

The Cloud has become a popular business transaction platform nowadays. Unfortunately, this powerful and pervasive network somehow is overshadowed by the growing security threat emerging from the various attacks Authentication is One of the major security issues in mobile cloud computing. Combinig the Two-factor Authentication (2FA) technology with One-time Password (OTP), has emerged as a popular protection system. The 2FA system employs two user specific factors for authentication. It can significantly enhance the network security. We used a dynamic one time password as a second factor. These otp codes provide strong security and resist MITM-seed tracing and shoulder surfing attacks

Dynamic Reciprocal Authentication Protocol for Mobile Cloud Computing

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.A combination of mobile and cloud computing delivers many advantages such as mobility, resources, and accessibility through seamless data transmission via the Internet anywhere at any time. However, data transmission through vulnerable channels poses security threats such as man-in-the-middle, playback, impersonation, and asynchronization attacks. To address these threats, we define an explicit security model that can precisely measure the practical capabilities of an adversary. A systematic methodology consisting of 16 evaluation criteria is used for comparative evaluation, thereby leading other approaches to be evaluated through a common scale. Finally, we propose a dynamic reciprocal authentication protocol to secure data transmission in mobile cloud computing (MCC). In particular, our proposed protocol develops a secure reciprocal authentication method, which is free of Diffie–Hellman limitations, and has immunity against basic or sophisticated known attacks. The protocol utilizes multifactor authentication of usernames, passwords, and a one-time password (OTP). The OTP is automatically generated and regularly updated for every connection. The proposed protocol is implemented and tested using Java to demonstrate its efficiency in authenticating communications and securing data transmitted in the MCC environment. Results of the evaluation process indicate that compared with the existing works, the proposed protocol possesses obvious capabilities in security and in communication and computation costs