Advertisement

Efficient user authentication protocol for distributed multimedia mobile cloud environment

  • Manojkumar VivekanandanEmail author
  • V. N. Sastry
  • U. Srinivasulu Reddy
Original Research
  • 16 Downloads

Abstract

The rapid growth of smart-phone users, mobile services and mobile applications, poses the challenges of storage space, processing capability, and battery lifetime at the users smart phones. Mobile cloud computing helps to overcome these challenges. Presently, when a mobile user wants to subscribe to various Multimedia based cloud service providers (MBCSPs), he/she need to register separately for each of MBCSP. Although one can use single sign-on methods, they are unreliable due to the presence of any untrusted server. Hence, we propose a three-factor mobile user authentication protocol for Distributed Multimedia based cloud services. Our proposed method consists of strong authentication between the mobile user and multimedia-based cloud service providers using session key agreement, choice-based MBCSPs registration, initial mobile user identity registration checking, time of validity for secret key issued by Registration center (RC) to mobile user and time of validity for secret key issued by RC to MBCSPs respectively. We have verified our protocol with various attack scenarios using informal analysis, formal proof using BurrowsAbadiNeedham (BAN) logic and formal security analysis using Automated Validation of Internet Security Protocols and Applications tool (AVISPA) respectively. Our proposed protocol provides better performance and foolproof security.

Keywords

AVISPA SK BAN logic MBCSP MCC MSE 

Notes

References

  1. Amin R, Biswas G (2015) Design and analysis of bilinear pairing based mutual authentication and key agreement protocol usable in multi-server environment. Wirel Personal Commun 84(1):439–462Google Scholar
  2. Amin R, Islam SH, Biswas G, Giri D, Khan MK, Kumar N (2016) A more secure and privacy-aware anonymous user authentication scheme for distributed mobile cloud computing environments. Secur Commun Netw 9(17):4650–4666Google Scholar
  3. Armando A, Basin D, Cuellar J, Rusinowitch M, Viganò L (2006) Avispa: automated validation of internet security protocols and applications. ERCIM News 64:66–67zbMATHGoogle Scholar
  4. Boneh D, Franklin M (2001) Identity-based encryption from the weil pairing. In: Kilian J (ed) Annual international cryptology conference, Springer, Berlin, Heidelberg, pp 213–229Google Scholar
  5. Burrows M, Abadi M, Needham R (1990) A logic of authentication. ACM Trans Comput Syst 8(1):18–36zbMATHGoogle Scholar
  6. Chaudhry SA (2016) A secure biometric based multi-server authentication scheme for social multimedia networks. Multimed Tools Appl 75(20):12705–12725Google Scholar
  7. Chaudhry SA, Kim IL, Rho S, Farash MS, Shon T (2017) An improved anonymous authentication scheme for distributed mobile cloud computing services. Cluster Computing 22(1):1595–1609Google Scholar
  8. Chuang MC, Chen MC (2014) An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics. Expert Syst Appl 41(4):1411–1418Google Scholar
  9. Peck DD (1997) Multimedia; A Hands-on introduction. International Thomson Publishing, pp 3–4Google Scholar
  10. Dodis Y, Reyzin L, Smith A (2004) Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In: International conference on the theory and applications of cryptographic techniques, Springer, pp 523–540Google Scholar
  11. Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208MathSciNetzbMATHGoogle Scholar
  12. Eisenbarth T, Kasper T, Moradi A, Paar C, Salmasizadeh M, Shalmani MTM (2008) On the power of power analysis in the real world: a complete break of the keeloq code hopping scheme. In: Annual international cryptology conference, Springer, pp 203–220Google Scholar
  13. Fujisaki E, Okamoto T (1999) Secure integration of asymmetric and symmetric encryption schemes. In: Annual international cryptology conference, Springer, pp 537–554Google Scholar
  14. He D, Wang D (2014) Robust biometrics-based authentication scheme for multiserver environment. IEEE Syst J 9(3):816–823Google Scholar
  15. He D, Wu S (2013) Security flaws in a smart card based authentication scheme for multi-server environment. Wirel Personal Commun 70(1):323–329Google Scholar
  16. He D, Kumar N, Khan MK, Wang L, Shen J (2016) Efficient privacy-aware authentication scheme for mobile cloud computing services. IEEE Syst J 12(2):1621–1631Google Scholar
  17. Hsiang HC, Shih WK (2009) Improvement of the secure dynamic id based remote user authentication scheme for multi-server environment. Comput Stand Interfaces 31(6):1118–1123Google Scholar
  18. Hsieh WB, Leu JS (2014) An anonymous mobile user authentication protocol using self-certified public keys based on multi-server architectures. J Supercomput 70(1):133–148Google Scholar
  19. Jegadeesan S, Azees M, Kumar PM, Manogaran G, Chilamkurti N, Varatharajan R, Hsu CH (2019) An efficient anonymous mutual authentication technique for providing secure communication in mobile cloud computing for smart city applications. Sustain Cities Soc 49:101522Google Scholar
  20. Jiang Q, Ma J, Wei F (2016) On the security of a privacy-aware authentication scheme for distributed mobile cloud computing services. IEEE Syst J 12(2):2039–2042Google Scholar
  21. Kumar C, Dudyala AK (2015) Bank note authentication using decision tree rules and machine learning techniques. In: 2015 International conference on advances in computer engineering and applications, IEEE, pp 310–314Google Scholar
  22. Lee CC, Lin TH, Chang RX (2011) A secure dynamic id based remote user authentication scheme for multi-server environment using smart cards. Expert Syst Appl 38(11):13863–13870Google Scholar
  23. Li CT, Hwang MS (2010) An efficient biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 33(1):1–5Google Scholar
  24. Li X, Niu JW, Ma J, Wang WD, Liu CL (2011) Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 34(1):73–79Google Scholar
  25. Li X, Xiong Y, Ma J, Wang W (2012) An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards. J Netw Comput Appl 35(2):763–769Google Scholar
  26. Li X, Ma J, Wang W, Xiong Y, Zhang J (2013) A novel smart card and dynamic id based remote user authentication scheme for multi-server environments. Mathe Comput Model 58(1–2):85–95Google Scholar
  27. Li X, Niu J, Kumari S, Liao J, Liang W (2015) An enhancement of a smart card authentication scheme for multi-server architecture. Wirel Personal Commun 80(1):175–192Google Scholar
  28. Liao YP, Wang SS (2009) A secure dynamic id based remote user authentication scheme for multi-server environment. Comput Stand Interfaces 31(1):24–29Google Scholar
  29. Lu Y, Li L, Peng H, Yang Y (2015a) A biometrics and smart cards-based authentication scheme for multi-server environments. Security Commun Netw 8(17):3219–3228Google Scholar
  30. Lu Y, Li L, Yang X, Yang Y (2015b) Robust biometrics based authentication and key agreement scheme for multi-server environments using smart cards. PLoS One 10(5):e0126323Google Scholar
  31. Ma Z, Liu Y, Wang Z, Ge H, Zhao M (2018) A machine learning-based scheme for the security analysis of authentication and key agreement protocols. Neural Comput Appl.  https://doi.org/10.1007/s00521-018-3929-8 Google Scholar
  32. Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552MathSciNetzbMATHGoogle Scholar
  33. Mishra D, Das AK, Mukhopadhyay S (2014) A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Syst Appl 41(18):8129–8143Google Scholar
  34. Naor M, Yung M (1989) Universal one-way hash functions and their cryptographic applications. In: Proceedings of the twenty-first annual ACM symposium on theory of computing, ACM, pp 33–43Google Scholar
  35. Nawrocki P, Sniezynski B (2018) Adaptive service management in mobile cloud computing by means of supervised and reinforcement learning. J Netw Syst Manag 26(1):1–22Google Scholar
  36. Odelu V, Das AK, Goswami A (2015) A secure biometrics-based multi-server authentication protocol using smart cards. IEEE Trans Inform Forensics Secur 10(9):1953–1966Google Scholar
  37. Pippal RS, Jaidhar C, Tapaswi S (2013) Robust smart card authentication scheme for multi-server architecture. Wirel Personal Commun 72(1):729–745Google Scholar
  38. Reddy AG, Yoon EJ, Das AK, Odelu V, Yoo KY (2017) Design of mutually authenticated key agreement protocol resistant to impersonation attacks for multi-server environment. IEEE Access 5:3622–3639Google Scholar
  39. Roy S, Chatterjee S, Das AK, Chattopadhyay S, Kumar N, Vasilakos AV (2017) On the design of provably secure lightweight remote user authentication scheme for mobile cloud computing services. IEEE Access 5:25808–25825Google Scholar
  40. Sood SK, Sarje AK, Singh K (2011) A secure dynamic identity based authentication protocol for multi-server architecture. J Netw Comput Appl 34(2):609–618Google Scholar
  41. Tsai JL, Lo NW (2015) A privacy-aware authentication scheme for distributed mobile cloud computing services. IEEE Syst J 9(3):805–815Google Scholar
  42. Wang B, Ma M (2013) A smart card based efficient and secured multi-server authentication scheme. Wirel Personal Commun 68(2):361–378Google Scholar
  43. Wang C, Zhang X, Zheng Z (2016) Cryptanalysis and improvement of a biometric-based multi-server authentication and key agreement scheme. Plos One 11(2):e0149173Google Scholar
  44. Xu D, Chen J, Liu Q (2019) Provably secure anonymous three-factor authentication scheme for multi-server environments. J Am Int Human Comput 10(2):611–627Google Scholar
  45. Xue K, Hong P, Ma C (2014) A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture. J Comput Syst Sci 80(1):195–206MathSciNetzbMATHGoogle Scholar
  46. Yeh KH, Lo NW, Li Y (2011) Cryptanalysis of hsiang-shih’s authentication scheme for multi-server architecture. Int J Commun Syst 24(7):829–836Google Scholar
  47. Zhou B, Buyya R (2018) Augmentation techniques for mobile cloud computing: a taxonomy, survey, and future directions. ACM Comput Surv (CSUR) 51(1):13Google Scholar
  48. Zhu W, Luo C, Wang J, Li S (2011) Multimedia cloud computing. IEEE Signal Process Mag 28(3):59–69Google Scholar

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2019

Authors and Affiliations

  • Manojkumar Vivekanandan
    • 1
    • 2
    Email author
  • V. N. Sastry
    • 1
  • U. Srinivasulu Reddy
    • 2
  1. 1.Center for Mobile Banking (CMB)Institute for Development and Research in Banking Technology (IDRBT)HyderabadIndia
  2. 2.Machine Learning and Data Analytics Lab, Department of Computer ApplicationsNational Institute of TechnologyTiruchirappalliIndia

Personalised recommendations