14 research outputs found
A Lightweight and Privacy-Preserving Authentication Protocol for Mobile Edge Computing
With the advent of the Internet-of-Things (IoT), vehicular networks and
cyber-physical systems, the need for real-time data processing and analysis has
emerged as an essential prerequisite for customers' satisfaction. In this
direction, Mobile Edge Computing (MEC) provides seamless services with reduced
latency, enhanced mobility, and improved location awareness. Since MEC has
evolved from Cloud Computing, it inherited numerous security and privacy issues
from the latter. Further, decentralized architectures and diversified
deployment environments used in MEC platforms also aggravate the problem;
causing great concerns for the research fraternity. Thus, in this paper, we
propose an efficient and lightweight mutual authentication protocol for MEC
environments; based on Elliptic Curve Cryptography (ECC), one-way hash
functions and concatenation operations. The designed protocol also leverages
the advantages of discrete logarithm problems, computational Diffie-Hellman,
random numbers and time-stamps to resist various attacks, namely impersonation
attacks, replay attacks, man-in-the-middle attacks, etc. The paper also
presents a comparative assessment of the proposed scheme relative to the
current state-of-the-art schemes. The obtained results demonstrate that the
proposed scheme incurs relatively less communication and computational
overheads, and is appropriate to be adopted in resource-constrained MEC
environments.
Comment: To appear in IEEE GLOBECOM 201
An Effective Authentication Scheme for Distributed Mobile Cloud Computing Services using a Single Private Key
Mobile cloud computing comprises cloud computing, mobile computing and wireless networks. Providing a secure and convenient way for mobile users to access multiple cloud computing services is essential. This paper furnishes an effective way of providing authentication for mobile users to access multiple cloud computing services. The proposed scheme provides a secure and expedient way for mobile users to access several cloud computing services from multiple service providers using a single private key. Our proposed scheme is based on a bilinear pairing cryptosystem. In addition, the scheme also supports mutual authentication, key exchange and user anonymity. To overcome the vulnerabilities of traditional methods, from a system implementation point of view, the proposed scheme eliminates the usage of verification tables that are required to store the user credentials (user ID and password) which are part of the smart card generator service and cloud computing service provider
An efficient and provably secure authenticated key agreement scheme for mobile edge computing
Mobile Cloud Computing (MCC) and
Mobile Edge Computing (MEC) technologies have brought more
convenience to mobile services over the past few years, but security
concerns like mutual authentication, user anonymity, user
untraceability, etc., have remained unresolved. In recent years,
many efforts have been made to design security protocols in the
context of MCC and MEC, but most of them are prone to security
threats. In this paper, we analyze Jia et al.’s scheme, one of the
latest authentication protocols for the MEC environment, and we show
this scheme is vulnerable to user impersonation and ephemeral
secret leakage attacks. Further, we demonstrate that the
aforementioned attacks can be similarly applied to Li et al.’s
scheme, which was recently derived from Jia et al.’s protocol. In this
paper, we propose a provably secure authenticated key agreement
protocol on the basis of Jia et al.’s scheme that not only withstands
security weaknesses of it, but also offers low computational and
communicational costs compared to the other related schemes. As
a formal security proof, we simulate our scheme with the widely used
AVISPA tool. Moreover, we show the scalability and practicality
of our scheme in a MEC environment through NS-3 simulation
Private Authentication: Optimal Information Theoretic Schemes
The main security service in the connected world of cyber physical systems
necessitates to authenticate a large number of nodes privately. In this paper,
the private authentication problem is considered, that consists of a
certificate authority, a verifier, many legitimate users (prover) and any
arbitrary number of illegitimate users. Each legitimate user wants to be
authenticated (using his personal key) by the verifier, while simultaneously
wants to stay completely anonymous (even to the verifier and the CA). On the
other hand, an illegitimate user must fail to authenticate himself. We analyze
this problem from an information theoretical perspective. First, we propose a
general interactive information-theoretic model for the problem. As a metric to
measure the reliability, we consider the authentication key rate whose rate
maximization has a trade-off with establishing privacy. Then, we analyze the
problem in two different regimes: finite size regime (i.e., the variables are
elements of a finite field) and asymptotic regime (i.e., the variables are
considered to have large enough length). For both regimes, we propose schemes
that satisfy the completeness, soundness and privacy properties. In finite size
regime, the idea is to generate the authentication keys according to a secret
sharing scheme. In asymptotic regime, we use a random binning based scheme
which relies on the joint typicality to generate the authentication keys.
Moreover, providing the converse proof, we show that our scheme achieves
capacity in the asymptotic regime. For finite size regime our scheme achieves
capacity for large field size.
Comment: 15 pages, 3 figure
Authentication in mobile cloud computing by combining the tow factor Authentication and one time password token
The Cloud has become a popular business transaction platform nowadays. Unfortunately, this powerful and pervasive network somehow is overshadowed by the growing security threat emerging from the various attacks. Authentication is one of the major security issues in mobile cloud computing. Combining the Two-factor Authentication (2FA) technology with One-time Password (OTP) has emerged as a popular protection system. The 2FA system employs two user-specific factors for authentication. It can significantly enhance the network security. We used a dynamic one-time password as a second factor. These OTP codes provide strong security and resist MITM-seed tracing and shoulder surfing attacks
Dynamic Reciprocal Authentication Protocol for Mobile Cloud Computing
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link. A combination of mobile and cloud computing delivers many advantages such as mobility, resources, and accessibility through seamless data transmission via the Internet anywhere at any time. However, data transmission through vulnerable channels poses security threats such as man-in-the-middle, playback, impersonation, and asynchronization attacks. To address these threats, we define an explicit security model that can precisely measure the practical capabilities of an adversary. A systematic methodology consisting of 16 evaluation criteria is used for comparative evaluation, thereby leading other approaches to be evaluated through a common scale. Finally, we propose a dynamic reciprocal authentication protocol to secure data transmission in mobile cloud computing (MCC). In particular, our proposed protocol develops a secure reciprocal authentication method, which is free of Diffie–Hellman limitations, and has immunity against basic or sophisticated known attacks. The protocol utilizes multifactor authentication of usernames, passwords, and a one-time password (OTP). The OTP is automatically generated and regularly updated for every connection. The proposed protocol is implemented and tested using Java to demonstrate its efficiency in authenticating communications and securing data transmitted in the MCC environment. Results of the evaluation process indicate that compared with the existing works, the proposed protocol possesses obvious capabilities in security and in communication and computation costs