On the Design of Provably Secure Lightweight Remote User Authentication Scheme for Mobile Cloud Computing Services
Secure and efficient lightweight user authentication protocol for mobile cloud computing becomes a paramount concern due to the data sharing using Internet among the end users and mobile devices. Mutual authentication of a mobile user and cloud service provider is necessary for accessing of any clou...
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2017-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/8076841/ |
| id |
doaj-5675682dcac949d1a5c02d361ac2be27 |
|---|---|
| record_format |
Article |
| spelling |
doaj-5675682dcac949d1a5c02d361ac2be272021-03-29T19:57:23ZengIEEEIEEE Access2169-35362017-01-015258082582510.1109/ACCESS.2017.27649138076841On the Design of Provably Secure Lightweight Remote User Authentication Scheme for Mobile Cloud Computing ServicesSandip Roy0Santanu Chatterjee1Ashok Kumar Das2https://orcid.org/0000-0002-5196-9589Samiran Chattopadhyay3Neeraj Kumar4Athanasios V. Vasilakos5Department of Computer Science and Engineering, Asansol Engineering College, Asansol, IndiaResearch Center Imarat, Defence Research and Development Organization, Hyderabad, IndiaCenter for Security, Theory and Algorithmic Research, International Institute of Information Technology, Hyderabad, IndiaDepartment of Information Technology, Jadavpur University, Kolkata, IndiaDepartment of Computer Science and Engineering, Thapar University, Patiala, IndiaLab of Networks and Cybersecurity, Innopolis University, Innopolis, RussiaSecure and efficient lightweight user authentication protocol for mobile cloud computing becomes a paramount concern due to the data sharing using Internet among the end users and mobile devices. Mutual authentication of a mobile user and cloud service provider is necessary for accessing of any cloud services. However, resource constraint nature of mobile devices makes this task more challenging. In this paper, we propose a new secure and lightweight mobile user authentication scheme for mobile cloud computing, based on cryptographic hash, bitwise XOR, and fuzzy extractor functions. Through informal security analysis and rigorous formal security analysis using random oracle model, it has been demonstrated that the proposed scheme is secure against possible well-known passive and active attacks and also provides user anonymity. Moreover, we provide formal security verification through ProVerif 1.93 simulation for the proposed scheme. Also, we have done authentication proof of our proposed scheme using the Burrows-Abadi-Needham logic. Since the proposed scheme does not exploit any resource constrained cryptosystem, it has the lowest computation cost in compare to existing related schemes. Furthermore, the proposed scheme does not involve registration center in the authentication process, for which it is having lowest communication cost compared with existing related schemes.https://ieeexplore.ieee.org/document/8076841/Remote mobile user authenticationdistributed mobile cloud computinguser anonymityuser biometricsrandom oracleBAN logic |
| collection |
DOAJ |
| language |
English |
| format |
Article |
| sources |
DOAJ |
| author |
Sandip Roy Santanu Chatterjee Ashok Kumar Das Samiran Chattopadhyay Neeraj Kumar Athanasios V. Vasilakos |
| spellingShingle |
Sandip Roy Santanu Chatterjee Ashok Kumar Das Samiran Chattopadhyay Neeraj Kumar Athanasios V. Vasilakos On the Design of Provably Secure Lightweight Remote User Authentication Scheme for Mobile Cloud Computing Services IEEE Access Remote mobile user authentication distributed mobile cloud computing user anonymity user biometrics random oracle BAN logic |
| author_facet |
Sandip Roy Santanu Chatterjee Ashok Kumar Das Samiran Chattopadhyay Neeraj Kumar Athanasios V. Vasilakos |
| author_sort |
Sandip Roy |
| title |
On the Design of Provably Secure Lightweight Remote User Authentication Scheme for Mobile Cloud Computing Services |
| title_short |
On the Design of Provably Secure Lightweight Remote User Authentication Scheme for Mobile Cloud Computing Services |
| title_full |
On the Design of Provably Secure Lightweight Remote User Authentication Scheme for Mobile Cloud Computing Services |
| title_fullStr |
On the Design of Provably Secure Lightweight Remote User Authentication Scheme for Mobile Cloud Computing Services |
| title_full_unstemmed |
On the Design of Provably Secure Lightweight Remote User Authentication Scheme for Mobile Cloud Computing Services |
| title_sort |
on the design of provably secure lightweight remote user authentication scheme for mobile cloud computing services |
| publisher |
IEEE |
| series |
IEEE Access |
| issn |
2169-3536 |
| publishDate |
2017-01-01 |
| description |
Secure and efficient lightweight user authentication protocol for mobile cloud computing becomes a paramount concern due to the data sharing using Internet among the end users and mobile devices. Mutual authentication of a mobile user and cloud service provider is necessary for accessing of any cloud services. However, resource constraint nature of mobile devices makes this task more challenging. In this paper, we propose a new secure and lightweight mobile user authentication scheme for mobile cloud computing, based on cryptographic hash, bitwise XOR, and fuzzy extractor functions. Through informal security analysis and rigorous formal security analysis using random oracle model, it has been demonstrated that the proposed scheme is secure against possible well-known passive and active attacks and also provides user anonymity. Moreover, we provide formal security verification through ProVerif 1.93 simulation for the proposed scheme. Also, we have done authentication proof of our proposed scheme using the Burrows-Abadi-Needham logic. Since the proposed scheme does not exploit any resource constrained cryptosystem, it has the lowest computation cost in compare to existing related schemes. Furthermore, the proposed scheme does not involve registration center in the authentication process, for which it is having lowest communication cost compared with existing related schemes. |
| topic |
Remote mobile user authentication distributed mobile cloud computing user anonymity user biometrics random oracle BAN logic |
| url |
https://ieeexplore.ieee.org/document/8076841/ |
| work_keys_str_mv |
AT sandiproy onthedesignofprovablysecurelightweightremoteuserauthenticationschemeformobilecloudcomputingservices AT santanuchatterjee onthedesignofprovablysecurelightweightremoteuserauthenticationschemeformobilecloudcomputingservices AT ashokkumardas onthedesignofprovablysecurelightweightremoteuserauthenticationschemeformobilecloudcomputingservices AT samiranchattopadhyay onthedesignofprovablysecurelightweightremoteuserauthenticationschemeformobilecloudcomputingservices AT neerajkumar onthedesignofprovablysecurelightweightremoteuserauthenticationschemeformobilecloudcomputingservices AT athanasiosvvasilakos onthedesignofprovablysecurelightweightremoteuserauthenticationschemeformobilecloudcomputingservices |
| _version_ |
1724195512321572864 |