Secure Three-Factor Anonymous User Authentication

Full text

Turn on search term navigation

This work is licensed under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.

1. Introduction

With the significant advances in information technology (IT), numerous types of devices can connect to the Internet and have a variety of features that can be used for different purposes. Using these devices with wireless network technologies, such as Wi-Fi, Bluetooth, 5G, 6lowPAN, and LoRa, has allowed the practical deployment of Internet of Things (IoT) [1]. IoT enables the networking of various types of embedded devices, such as home, mobile, and wearable devices, allowing them to communicate with people and objects at any time and location in our daily lives [2].

With combined with cloud computing, IoT technologies can collect and analyse large amounts of data from devices connected to an IoT network with hyperconnectivity and hyperintelligence surpassing the limits of time and space in various areas such as urban life, traffic, welfare, safety, healthcare, manufacturing, energy, finance, and logistics [3, 4]. Cloud computing provides IT resources on demand over the Internet. Cloud computing providers are building and maintaining physical data centers and servers, and users can enjoy the benefits of custom cloud services for greater computing power, storage, and database.

With such advantages, cloud computing is becoming a paradigm for the processing, storage, and utilization of large amounts of data generated by billions of smart devices because it can overcome the limitations of such devices, including low capacity and limited processing capability. The integration of IoT with cloud computing allows for better scalability, interoperability, reliability, efficiency, availability, and security through the utilization of various devices and technologies [5]. In addition, it provides benefits such as easy access, use, and deployment-cost reductions. A cloud computing environment can serve as a stable network environment for connection with IoT devices and provide storage for big data generated from IoT devices to securely keep and process the data for analysis. With these advantages, both individuals and small companies can benefit from cloud services.

In general, there are three types of cloud services [6]:

(1) Infrastructure as a service (IaaS): providing the user with an infrastructure including storage and network use

(2) Platform as a service (PaaS): providing the user with a platform to develop various applications

(3) Software as a service (SaaS): providing the user with software applications

Because cloud computing is deployed in a practical manner, there have been growing concerns regarding its security. As mentioned earlier, clouds are used in various industries and services; thus, cloud servers can collect and process sensitive data, and it can seriously affect user privacy.

Security issues associated with cloud computing include various aspects such as embedded security, application security, trust and conviction, client management, cloud data storage, and operating systems. Among the different security requirements, the first security requirement for the protection of user privacy is user authentication that verifies a user’s identity with a trusted party. There are three authentication factors used to verify the user identity: (i) what you know (e.g., secret information such as a password), (ii) what you have (e.g., things we own such as smart cards), and (iii) who you are (e.g., biometric such as fingerprint or iris data) [7].

In recent years, various user authentication schemes have been proposed [8–12], and user authentication studies using various cryptographic primitives have been proposed to protect a user’s personal information in a cloud environment. However, the investigation into such studies has revealed that the level of security is still insufficient to authenticate and manage users in the current cloud computing environment. Therefore, in this paper, to strengthen the security of previously proposed schemes, we first report problems in the related authentication scheme used in a cloud computing environment and then propose a new authentication scheme to overcome these problems.

1.1. Motivations

Since Lamport [13] first proposed a password-based authentication scheme, many relevant studies on suitable two-factor authentication schemes in various network environments have been proposed to protect user privacy. After the introduction of cloud computing systems, authentication schemes using various encryption technologies, including the Advanced Encryption Standard (AES), hash function, Chebyshev polynomials, and Elliptic Curve Cryptography (ECC), began to be studied to provide secure user authentication and improve security and efficiency.

Amin et al. [14] proposed a user authentication scheme for a distributed IoT cloud environment. However, Wang et al. [15] found that Amin et al.’s scheme has some weaknesses—it is vulnerable to a stolen smart card attack, violates user anonymity and forward secrecy, has a time synchronization problem, and provides an insecure identity update phase. Wang et al. [15] also proposed a new authentication scheme to eliminate the security concern associated with Amin et al.’s scheme [14] by applying ECC to share the session key between the user and the cloud server. Nevertheless, their scheme does not provide a session key verification at the end of the authentication phase—an invalid session key may be generated between the user and the cloud server without detecting communication errors that may occur while sharing the parameters for the establishment of a session key.

In 2017, Kumari et al. [16] proposed a biometrics-based three-factor authentication scheme in a multicloud server environment using ECC and proved that the scheme is secure for cloud computing environments, but it does not provide an identity update phase.

In 2019, Zhou et al. [17] proposed a lightweight authentication scheme for an IoT-cloud architecture using only hash and exclusive-OR (XOR) operations; it is relatively lightweight in comparison with other schemes [14, 18] and satisfies some of the security properties required for cloud computing. However, Martínez-Peláez et al. [19] reported that Wang et al.’s scheme [15] has security vulnerabilities to insider attacks, man-in-the-middle attacks through a replay attack, and user impersonation attacks. Martínez-Peláez et al. [19] then proposed a new lightweight authentication scheme to provide secure access to user by improving the scheme developed by Zhou et al. [17]. However, Yu et al. [20] found that Martínez-Peláez et al.’s scheme [19] is vulnerable to impersonation attacks, session key-disclosure attacks, and replay attacks and that it does not ensure user anonymity. Yu et al. [20] then proposed a lightweight three-factor-based authentication scheme for IoT use in a cloud computing environment to enhance the level of security. In their scheme, the cloud server changes the identity of the user during each session. However, users cannot recover or update their own identity themselves.

In this paper, based on the same network model used in the abovementioned related schemes for cloud computing, we propose a new three-factor user authentication scheme to enhance the level of security and efficiently manage users by eliminating the security and functional flaws of the related schemes. In the proposed scheme, we selected the ECC from various cryptographic building blocks, which has various advantages. For example, the safety of the ECC system increases exponentially with the key length and has a shorter key length and faster operation speed than those of the RSA algorithm. This is particularly effective in applications where the processing capacity is limited; these include memory, smart cards, and wireless communication terminals [21]. ECC has been standardized for digital signature algorithms and key exchanges (e.g., ANSI X9.62 and X9.63) and is widely accepted in various network communication standards such as IPsec (RFC 2409) and TLS (RFC 4492).

1.2. Organization of the Paper

The remainder of this paper is organized as follows. Section 2 presents the preliminaries for security considerations and background of the network model. In Section 3, we detail a secure three-factor anonymous user authentication scheme for a cloud computing environment. We describe the informal and formal security analyses in Sections 4 and 5, respectively. In Section 6, we evaluate the performance of the proposed scheme. Finally, we provide some concluding remarks in Section 7.

2. Preliminary

2.1. Network Model

The network model of the proposed protocol in the IoT environment is based on the cloud server environment adopted in the protocol described in [16–20], as shown in Figure 1. There are three participants in this model:

(1) Registration authority ( $RA$ ): $RA$ is a trusted authority that creates all system parameters and issues them to users and cloud servers through the registration process

(2) User ( $U_{i}$ ): $U_{i}$ wishes to access and enjoy the services provided by the cloud server using IoT device. For this purpose, the $RA$ shares the session key with the cloud server

(3) Cloud server ( $C S_{j}$ ): $C S_{j}$ provides IoT cloud services to users

[figure omitted; refer to PDF]

This network model is for a cloud server-centric service in which the cloud server collects and processes information from IoT devices and shares it with users. For example, a real-world scenario for this is as follows: Alex’s grandfather has dementia, and his family is concerned about his grandfather’s health and fear of getting lost when he goes out. The smartwatch worn by the grandfather can check the health condition through the built-in sensor and transmits the GPS information to the cloud server. Alex’s family wants to use a service that can trace and check the location and health of their grandfather in real time. To this end, Alex’s family and grandfather ( $U_{i}$ ) first register their identifier with the registration authority ( $R A$ ) to sign up for this IoT-based cloud service. RA issues security parameters to be used when establishing session key with $C S_{j}$ (assume that $C S_{j}$ is already registered). Information about the grandfather is sensitive. It should be shared only with the family. To this end, Alex creates a group through the interface provided by the cloud platform, adds family members as group members, and adds the devices of grandpa’s smartwatch and family’s smartphone to set permission to access information shared by registered devices. $U_{i}$ and $C S_{j}$ generate the session key through the authentication process; the family and grandfather can safely share information.

2.2. Elliptic Curve Cryptography

In this study, we apply an elliptic curve cryptography to the proposed scheme, which provides a high level of security with a small key size [22]. ECC is based on the logarithm problems expressed in the point addition and multiplication of elliptic curves.

An elliptic curve is given by $E_{p} a, b : y^{2} = x^{3} + a x + b$ mod $p$ over a finite field $F_{p}$ , where $p$ is the prime order and $a, b \in F_{p}$ such that $p > 3$ and $4 a^{3} + 27 b^{2} \neq 0$ mod $p$ . The point multiplication over $E_{p} a, b$ is defined through a repetitive addition as $+ P + \dots + P$ $a times = a P$ , where $P$ is a point on $E_{p} a, b$ and $a \in F_{p}^{*}$ is a random integer. The security of ECC relies on the following assumption:

(1) Elliptic curve discrete logarithm problem (ECDLP): given $P$ , $a P \in E_{p} a, b$ , it is computationally infeasible to find $a$ within polynomial time

(2) Elliptic curve computational Diffie-Hellman problem (ECCDHP): given $a P, b P \in E_{p} a, b$ , it is computationally infeasible to find $a b P$ in polynomial time

2.3. Bio-Hash Function

In the proposed scheme, we use a bio-hash function. In 2004, Jin et al. [23] proposed a solution to the problem of false resection in which a genuine user is misidentified for various reasons, such as when experiencing dry or cracked skin. The bio-hash maps the biometric features to a binary string with a user-specific tokenized pseudo-random number. In three-factor authentication, many researchers use a bio-hash to identify the biometric features of the users [24–26]. It is a simple and efficient tool for resource-constrained devices such as IoT sensor devices.

2.4. Adversarial Model

For a security analysis in this paper, we consider the adversarial model as follows [27–29]:

(1) The attacker can control the public communication channel by interrupting, returning, amending, eliminating, or transmitting newly forged messages

(2) The attacker can extract the security parameters in the smart device using a side-channel attack

(3) The attacker can guess the user’s identity and password by enumerating all possible items in polynomial time. The time of such an attack conducted to determine the correct identity and password is linear to the dictionary size

3. Proposed Scheme

In this section, we propose an improved three-factor authentication scheme in the cloud environment. Our scheme consists of (1) a registration phase, (2) a login and authentication phase, (3) a password change phase, and (4) an identity update phase. All notations used in this paper are listed in Table 1.

Table 1

Notations used.

Symbol	Description
$U_{i}$ , $C S_{j}$ , $RA$	User, cloud server, registration authority
$I D_{i}$ , $CI D_{j}$	Identity of $U_{i}$ and $C S_{j}$
$P W_{i}$	Password of $U_{i}$
$BI O_{i}$	Biometrics of $U_{i}$
$SK$	Session key between $U_{i}$ and $C S_{j}$
$h \cdot$	Hash function
$H \cdot$	Bio-hash function
\|\|	Concatenation
$\oplus$	XOR operation
$x$	Private key of $RA$
$x P = Pub$	Public key of $RA$

3.1. User Registration Phase

In this phase, $U_{i}$ registers with $RA$ and shares secret parameters for later login and authentication using IoT smart device. The registration phase of $U_{i}$ shown in Figure 2 is as follows.

(1) $U_{i}$ who wants to register in $RA$ enters $I D_{i}, P W_{i}$ , and $BI O_{i}$ , and computes $PW B_{i} = h P W_{i} BI O_{i}$ and $UI D_{i} = h I D_{i} PW B_{i}$

(2) $U_{i}$ sends a registration request $< I D_{i}, PW B_{i}, UI D_{i}, >$ through a secure channel

(3) After receiving the registration request message from $U_{i}$ , $RA$ first searches for $UI D_{i}$ in $User_List$ to check whether the user’s ${ID}_{i}$ is already registered. If $UI D_{i}$ does not exist in $User_List$ , $RA$ selects a random number $r$ and computes $D_{i} = h {UID}_{i} x r, C_{i} = h I D_{i} PW B_{i} D_{i}$ , and $E_{i} = D_{i} \oplus PW B_{i}$

(4) Here, $RA$ stores $< UI D_{i}, r, Honey_List = 0 >$ into $User_List$ and issues $< C_{i}, E_{i}, Pub, P >$ . Then, $U_{i}$ stores them to IoT smart device

[figure omitted; refer to PDF]

We define the overall $U_{i}$ process code for the proposed scheme, as shown in Figure 8. We model the registration phase in lines 37-41 and the login and authentication phase in lines 42-58.

[figure omitted; refer to PDF]

We define the overall ${CS}_{j}$ process code for the proposed scheme, as shown in Figure 9. We model the registration phase in lines 60-64 and the login and authentication phase in lines 65-82.

[figure omitted; refer to PDF]

Figure 10 shows the overall $RA$ process code for the proposed scheme. We model the registration phase in lines 84-94 and the login and authentication phase in lines 95-113.

[figure omitted; refer to PDF]

The code shown in Figure 11 is intended to model the attacker’s capabilities and verify the equivalencies of inter-process communication. The code in lines 115 and 116 checks whether the session keys $S K_{i j}$ and $S K_{j i}$ are secure against the attacker. The code in lines 117-119 verifies whether the internodal relationships of the proposed scheme are accurate during the procedure.

[figure omitted; refer to PDF]

The execution of all codes described earlier verifies the effectiveness and availability of the simulated events and queries and generates the results of the simulation, as presented in Figure 12. This indicates that $U_{i}$ , $C S_{j}$ , and $RA$ in the proposed scheme achieve a successful mutual authentication and securely establish the session key. Furthermore, it can be considered that the proposed scheme is secure against simulated attacks.

[figure omitted; refer to PDF]

6.2. BAN Logic

Burrows-Abadi-Needham (BAN) logic [36] is used to prove the trust of each party in the authentication protocol on the formal logic. We utilize this logic to prove that $U_{i}$ and $C S_{j}$ share a valid and fresh session key through mutual authentication. We define the notations of BAN logic as follows:

(1) $U ⊲ C : U$ sees condition $C$

(2) $U ∣ \equiv C :$ condition $C$ is believed by $U$

(3) $# C :$ it makes a fresh $C$

(4) $U ∣ ~ C : U$ expresses the condition $C$

(5) $U \overset{K}{\leftrightarrow} S : U$ and $S$ share a secret key $K$

(6) $U ⟹ C :$ condition $C$ is handled by $U$

(7) $C_{K} : C$ is encrypted under key $K$

We define five rules of BAN logic to prove the mutual authentication of the proposed scheme.

(1) Rule 1: message-meaning rule $U ∣ \equiv U \overset{K}{\leftrightarrow} S, U ⊲ C_{K} / U \equiv S ~ C :$ if $U$ trusts that key $K$ is shared with $S$ , $U$ sees $C$ combined with $K$ and trusts $S$ once said $C$

(2) Rule 2: nonce-verification rule $U ∣ \equiv # C, U \equiv S ~ C / U \equiv S \equiv C :$ if $U$ trusts that freshness of $C$ and trusts $S$ once said $C$ , then $U$ trusts that $S$ trusts $C$

(3) Rule 3: belief rule $U \equiv C, U \equiv M / A ∣ \equiv C, M :$ if $U$ trusts $C$ and $M$ , $C, M$ are also trusted by $U$

(4) Rule 4: freshness-conjuncatenation rule $U \equiv # C / A \equiv # C, M :$ if the freshness of $C$ is trusted by $U$ , then $U$ can trust the freshness of the full condition

(5) Rule 5: jurisdiction rule $U \equiv S ⟹ C, U \equiv S \equiv C / A \equiv C :$ if $U$ trusts that $S$ has jurisdiction over $C$ , and $U$ trusts that $S$ trusts a condition $C$ , then $U$ also trusts $C$

We must satisfy the following four goals:

(1) Goal 1: $U_{i} \equiv U_{i} \overset{S K_{i j}}{\leftrightarrow} C S_{j}$

(2) Goal 2: $C S_{j} \equiv U_{i} \overset{S K_{i j}}{\leftrightarrow} C S_{j}$

(3) Goal 3: $U_{i} \equiv C S_{j} \equiv U_{i} \overset{S K_{i j}}{\leftrightarrow} C S_{j}$

(4) Goal 4: $C S_{j} \equiv U_{i} \equiv U_{i} \overset{S K_{i j}}{\leftrightarrow} C S_{j}$

The four messages transmitted in the proposed scheme can be converted into the idealized form as follows:

(1) Using $M_{1} = < CI D_{j}, G_{i}, F_{i}, X_{2} >$ , $U_{i} ⟶ C S_{j} : G_{i} = h UI D_{i} CI D_{j} X_{1} D_{1}, F_{i} = h X_{1} X_{2} \oplus UI D_{i}$ . This is reduced to $MS G_{1}$ :( $UI D_{i}, CI D_{j}, D_{1}, X_{1}, X_{2}$ )

(2) Using $M_{2} = < M_{1}, K_{j}, Y_{2} >$ , $C S_{j} ⟶ RA : K_{j} = h Y_{1} {C key}_{j} G_{i} F_{i} X_{2}$ . This is reduced to $MS G_{2} : M_{1}, Y_{1}, C ke y_{j}, X_{2}$

(3) Using $M_{3} = < U_{cs}, V_{cs} >$ , $RA ⟶ C S_{j} : U_{cs} = h Y_{1}^{*} Y_{2} C ke y_{j}^{*} K_{j}^{*} X_{2} \oplus h UI D_{i}^{*}, V_{cs} = h X_{1}^{*} X_{2} UI D_{i} D_{i}^{*} Y_{2}$ . This is reduced to $MS G_{3}$ :( $Y_{1}, Y_{2}, C ke y_{j}, X_{2}, UI D_{i}$ )

(4) Using $M_{4} = < Y_{2}, S V_{j} >$ , $C S_{j} ⟶ U_{i} : S V_{j} = h S K_{j i} X_{2}$ . This is reduced to $MS G_{4} : Y_{2}, X_{2}$

To derive the goals of the proposed scheme, we define the following assumptions.

(1) $U_{i} \equiv # UI D_{i}$

(2) ${CS}_{j} ∣ \equiv # C ke y_{j}$

(3) $RA \equiv # x$

(4) $C S_{j} \equiv # b$

(5) $C S_{j} ∣ \equiv U_{i} \overset{a}{\leftrightarrow} C S_{j}$

(6) $C S_{j} \equiv C S_{j} \overset{b}{\leftrightarrow} RA$

(7) $RA \equiv C S_{j} \overset{b}{\leftrightarrow} RA$

(8) $U_{i} \equiv U_{i} \overset{a}{\leftrightarrow} C S_{j}$

(9) $U_{i} \equiv C S_{j} \equiv U_{i} \overset{S K_{j i}}{\leftrightarrow} C S_{j}$

(10) $C S_{j} \equiv U_{i} \equiv U_{i} \overset{S K_{i j}}{\leftrightarrow} C S_{j}$

We describe the main proof of the proposed scheme using the BAN logic rules, messages, and assumptions as follows:

(1) From $M_{1}$ , we obtain $V_{1} : C S_{j} ⊲ {CI D_{j}, UI D_{i}, P}_{a}$

(2) From $A_{5}$ and rule 1, we obtain $V_{2} : C S_{j} \equiv U_{i} ~ {CI D_{j}, UI D_{i}, P}_{a}$

(3) From $A_{1}$ and rule 4, we obtain $V_{3} : C S_{j} \equiv # {CI D_{j}, UI D_{i}, P}_{a}$

(4) From $V_{1}$ , $V_{2}$ , and rule 2, we obtain $V_{4} : C S_{j} \equiv U_{i} \equiv {CI D_{j}, UI D_{i}, P}_{a}$

(5) From $M_{2}$ , we obtain $V_{5} : RA ⊲ {C ke y_{j}, CI D_{j}, UI D_{i}, P}_{b}$

(6) From $A_{7}$ and rule 1, we obtain $V_{6} : RA \equiv {CS}_{j} ~ {C ke y_{j}, CI D_{j}, UI D_{i}, P}_{b}$

(7) From $A_{2}$ and rule 4, we obtain $V_{7} : C S_{j} \equiv # {C ke y_{j}, CI D_{j}, UI D_{i}, P}_{b}$

(8) From $V_{5}$ , $V_{6}$ , and rule 2, we obtain $V_{8} : RA \equiv C S_{j} \equiv {C ke y_{j}, CI D_{j}, UI D_{i}, P}_{b}$

(9) From $M_{3}$ , we obtain $V_{9} : C S_{j} ⊲ {a, x, P, C ke y_{j}, UI D_{i}}_{b}$

(10) From $A_{6}$ and rule 1, we obtain $V_{10} : C S_{j} \equiv RA ~ {a, x, P, C ke y_{j}, UI D_{i}}_{b}$

(11) From $A_{3}$ and rule 4, we obtain $V_{11} : C S_{j} \equiv # {a, x, P, C ke y_{j}, UI D_{i}}_{b}$

(12) From $V_{9}$ , $V_{10}$ , and rule 2, we obtain $V_{12} : C S_{j} \equiv RA \equiv {a, x, P, C ke y_{j}, UI D_{i}}_{b}$

(13) From $M_{4}$ , we obtain $V_{13} : U_{i} ⊲ {b, x, P}_{a}$

(14) From $A_{8}$ and rule 1, we obtain $V_{14} : U_{i} \equiv C S_{j} ~ {b, x, P}_{a}$

(15) From $A_{4}$ and rule 4, we obtain $V_{15} : U_{i} \equiv # {b, x, P}_{a}$

(16) From $V_{13}$ , $V_{14}$ , and rule 2, we obtain $V_{16} : U_{i} \equiv {CS}_{j} \equiv {b, x, P}_{a}$

(17) From $V_{12}$ , $V_{16}$ , and SK, we obtain $V_{17} : U_{i} \equiv U_{i} \overset{S K_{i j}}{\leftrightarrow} C S_{j}$ (goal 1)

(18) From $V_{4}$ , $V_{8}$ , and SK, we obtain $V_{18} : C S_{j} \equiv U_{i} \overset{S K_{i j}}{\leftrightarrow} C S_{j}$ (goal 2)

(19) From $A_{9}$ , $V_{17}$ , and rule 5, we obtain $V_{19} : U_{i} \equiv C S_{j} \equiv U_{i} \overset{S K_{i j}}{\leftrightarrow} C S_{j}$ (goal 3)

(20) From $A_{10}$ , $V_{18}$ , and rule 5, we obtain $V_{17} : C S_{j} \equiv U_{i} \equiv U_{i} \overset{S K_{i j}}{\leftrightarrow} C S_{j}$ (goal 4)

From goals 1, 2, 3, and 4 that we achieved earlier, we see that $U_{i}$ and $C_{j}$ establish a session key through a secure mutual authentication.

7. Performance Analysis

In this section, we compare the computational and communication costs for the proposed scheme with those of other related schemes for cloud computing environments. We considered the computational cost and number of communications occurring during the login and authentication process. As described by Kocarev and Lian [37], we consider the execution time of cryptographic operations as follows:

(1) 160-bit elliptic multiplication operation: $T_{e} \approx 63.08 ms$

(2) 128-bit Advanced Encryption Standard (AES) algorithm: $T_{s} \approx 8.7 ms$

(3) 128-bit hash function: $T_{h} \approx 0.5 ms$

(4) 128-bit Chebyshev polynomial computation: $T_{h} \approx 21.02 ms$

We summarize the results of the comparison in terms of the computational time and communication costs in Table 3. The results reveal that Martínez-Peláez et al.’s scheme [19] is significantly faster in terms of computational time than the other schemes. However, as described in Section 1.2, Yu et al. [20] revealed that Martínez-Peláez et al.’s scheme [19] is vulnerable to various attacks. Wang et al.’s scheme [30] applies a Chebyshev chaotic map as cryptography primitive to strengthen the security of the session key. However, their scheme does not provide the identity update phase. The securities of schemes proposed by Kumari et al. [16] and Wang et al. [15] are based on the ECC for which the communication participants agree on the session key. However, Wang et al.’s scheme [15] does not provide the session key verification procedure to check its validation, and Kumari et al. [16] do not design the identity update phase in their scheme. Meanwhile, our scheme has slightly higher computational costs than those of Kumari et al.’s [16] and Wang et al.’s scheme [30], although the proposed scheme satisfies all security requirements, as mentioned in Section 5.

Table 3

Comparisons in terms of the computational time and the communication costs.

Scheme	Wang et al. [15]	Kumari et al. [16]	Martínez-Peláez et al. [19]	Wang et al. [30]	Proposed
$U_{i}$	$9 T_{h} + 3 T_{e}$	$7 T_{h} + 3 T_{e}$	$7 T_{h} + 3 T_{s}$	$9 T_{h} + 2 T_{C} + 1 T_{S}$	$12 T_{h} + 3 T_{e}$
$C S_{j}$	$3 T_{h} + 3 T_{e}$	$5 T_{h} + 3 T_{e}$	$5 T_{h} + 3 T_{s}$	$5 T_{h} + 2 T_{C} + 1 T_{S}$	$5 T_{h} + 3 T_{e}$
$RA$	$7 T_{h} + 2 T_{e}$	$6 T_{h} + 2 T_{e}$	$21 T_{h} + 2 T_{s}$	$9 T_{h} + 4 T_{s}$	$10 T_{h} + 2 T_{e}$
Total	$19 T_{h} + 8 T_{e}$	$18 T_{h} + 6 T_{e}$	$33 T_{h} + 8 T_{s}$	$21 T_{h} + 4 T_{c} + 6 T_{s}$	$27 T_{h} + 8 T_{e}$
Time	514.14 ms	513.64 ms	86.1 ms	147.78 ms	514.64 ms
Communication cost	2080 bits	2304 bits	3200 bits	1696 bits	1792 bits

According to the results of previous analysis [28, 38], we assume that the lengths of the identity, random number, and timestamp are 128, 64, and 32 bits, respectively, for a comparison of the communication costs. The hash function produces 160 bits; the block size of the symmetric encryption is 128 bits; the size of the Chebyshev polynomial is 128 bits; the size of the point multiplication on the elliptic curve is 160 bits.

Table 3 also provides data from the comparisons of the communication costs. The total communication cost of the proposed scheme is 1792 bits, whereas those of Amin et al.’s [14], Kumari et al.’s [16], Martínez-Peláez et al.’s [19], and Wang et al.’s schemes [30] are 2080, 2304, 3200, and 1696 bits, respectively. Table 3 shows that the scheme proposed by Wang et al. [30] requires the lowest communication cost, whereas the proposed scheme has the second-lowest communication cost. However, as shown in Table 2, Wang et al.’s scheme [30] does not support the identity update phase. Therefore, the proposed scheme is a more practical option in a cloud computing environment.

8. Conclusion

In this study, we conducted an informal analysis to demonstrate the security of the proposed scheme against various known attacks. In addition, using ProVerif and BAN logic, we applied a formal analysis to prove that the user and cloud server establish a session key through secure mutual authentication. Moreover, we conducted an analysis of the proposed scheme in terms of the security features and performance; we compared it with those of existing related schemes and proved that our proposed scheme ensures better safety and efficiency in user management and that it is suitable for use in a practical cloud computing environment.

Acknowledgments

This work was supported by an Institute of Information & Communications Technology Planning Evaluation (IITP) grant funded by the Korea government (MSIT) (No. 2020-0-00258, Development of On-chain-based Electronic Contract Application Platform Using Zero-Knowledge Proof).

Appendix

A. Wang et al.’s Authentication Scheme [15]

Wang et al.’s authentication scheme is shown in Figures 13–16.

[figure omitted; refer to PDF][figure omitted; refer to PDF][figure omitted; refer to PDF][figure omitted; refer to PDF]

B. Kumari et al.’s Authentication Scheme [16]

Kumari et al.’s authentication scheme is shown in Figures 17–20.

[figure omitted; refer to PDF][figure omitted; refer to PDF][figure omitted; refer to PDF][figure omitted; refer to PDF]

C. Martínez-Peláez et al.’s Authentication Scheme [19]

Martínez-Peláez et al.’s authentication scheme is shown in Figures 21–24.

[figure omitted; refer to PDF][figure omitted; refer to PDF][figure omitted; refer to PDF][figure omitted; refer to PDF]

D. Wang et al.’s Authentication Scheme [30]

Wang et al.’s authentication scheme is shown in Figures 25–28.

[figure omitted; refer to PDF][figure omitted; refer to PDF][figure omitted; refer to PDF][figure omitted; refer to PDF]

References

[1] S. K. Goudos, P. I. Dallas, S. Chatziefthymiou, S. Kyriazakos, "A survey of IoT key enabling and future technologies: 5G, mobile IoT, sematic web and applications," Wireless Personal Communications, vol. 97 no. 2, pp. 1645-1675, DOI: 10.1007/s11277-017-4647-8, 2017.

[2] S. Moganedi, J. Mtsweni, "Beyond the convenience of the Internet of Things: security and privacy concerns," 2017 IST-Africa Week Conference (IST-Africa),DOI: 10.23919/istafrica.2017.8102372, .

[3] B. Farahani, F. Firouzi, V. Chang, M. Badaroglu, N. Constant, K. Mankodiya, "Towards fog-driven IoT eHealth: promises and challenges of IoT in medicine and healthcare," Future Generation Computer Systems, vol. 78, pp. 659-676, DOI: 10.1016/j.future.2017.04.036, 2018.

[4] A. J. C. Trappey, C. V. Trappey, C.-Y. Fan, A. P. T. Hsu, X. K. Li, I. J. Y. Lee, "IoT patent roadmap for smart logistic service provision in the context of Industry 4.0," Journal of the Chinese Institute of Engineers, vol. 40 no. 7, pp. 593-602, DOI: 10.1080/02533839.2017.1362325, 2017.

[5] A. Botta, W. de Donato, V. Persico, A. Pescapé, "Integration of cloud computing and Internet of Things: a survey," Future Generation Computer Systems, vol. 56, pp. 684-700, DOI: 10.1016/j.future.2015.09.021, 2016.

[6] A. Rashid, A. Chaturvedi, "Cloud computing characteristics and services a brief review," International Journal of Computer Sciences and Engineering, vol. 7 no. 2, pp. 421-426, DOI: 10.26438/ijcse/v7i2.421426, 2019.

[7] A. C. Weaver, "Biometric authentication," Computer, vol. 39 no. 2, pp. 96-97, DOI: 10.1109/MC.2006.47, 2006.

[8] M. Kim, J. Moon, D. Won, N. Park, "Revisit of password-authenticated key exchange protocol for healthcare support wireless communication," Electronics, vol. 9 no. 5,DOI: 10.3390/electronics9050733, 2020.

[9] Y. Park, K. S. Park, Y. H. Park, "Secure user authentication scheme with novel server mutual verification for multiserver environments," International Journal of Communication Systems, vol. 32 no. 7, article e3929,DOI: 10.1002/dac.3929, 2019.

[10] S. Banerjee, V. Odelu, A. K. Das, J. Srinivas, N. Kumar, S. Chattopadhyay, K. K. R. Choo, "A provably secure and lightweight anonymous user authenticated session key exchange scheme for Internet of Things deployment," IEEE Internet of Things Journal, vol. 6 no. 5, pp. 8739-8752, DOI: 10.1109/JIOT.2019.2923373, 2019.

[11] A. Irshad, S. A. Chaudhry, M. Sher, B. A. Alzahrani, S. Kumari, X. Li, F. Wu, "An anonymous and efficient multiserver authenticated key agreement with off-line registration centre," IEEE Systems Journal, vol. 13 no. 1, pp. 436-446, DOI: 10.1109/jsyst.2018.2838450, 2018.

[12] D. Kang, J. Jung, D. Lee, H. Kim, D. Won, "Security analysis and enhanced user authentication in proxy mobile IPv6 networks," PLoS One, vol. 12 no. 7, article e0181031,DOI: 10.1371/journal.pone.0181031, 2017.

[13] L. Lamport, "Password authentication with insecure communication," Communications of the ACM, vol. 24 no. 11, pp. 770-772, DOI: 10.1145/358790.358797, 1981.

[14] R. Amin, N. Kumar, G. Biswas, R. Iqbal, V. Chang, "A light weight authentication protocol for IoT-enabled devices in distributed cloud computing environment," Future Generation Computer Systems, vol. 78, pp. 1005-1019, DOI: 10.1016/j.future.2016.12.028, 2018.

[15] C. Wang, K. Ding, B. Li, Y. Zhao, G. Xu, Y. Guo, P. Wang, "An enhanced user authentication protocol based on elliptic curve cryptosystem in cloud computing environment," Wireless Communications and Mobile Computing, vol. 2018,DOI: 10.1155/2018/3048697, 2018.

[16] S. Kumari, X. Li, F. Wu, A. K. Das, K. K. R. Choo, J. Shen, "Design of a provably secure biometrics-based multi-cloud-server authentication scheme," Future Generation Computer Systems, vol. 68, pp. 320-330, DOI: 10.1016/j.future.2016.10.004, 2017.

[17] L. Zhou, X. Li, K. H. Yeh, C. Su, W. Chiu, "Lightweight IoT-based authentication scheme in cloud computing circumstance," Future Generation Computer Systems, vol. 91, pp. 244-251, DOI: 10.1016/j.future.2018.08.038, 2019.

[18] T. Maitra, S. K. H. Islam, R. Amin, D. Giri, M. K. Khan, N. Kumar, "An enhanced multi-server authentication protocol using password and smart-card: cryptanalysis and design," Security and Communication Networks, vol. 9 no. 17, pp. 4615-4638, DOI: 10.1002/sec.1653, 2016.

[19] R. Martínez-Peláez, H. Toral-Cruz, J. R. Parra-Michel, V. García, L. J. Mena, V. G. Félix, A. Ochoa-Brust, "An enhanced lightweight IoT-based authentication scheme in cloud computing circumstances," Sensors, vol. 19 no. 9,DOI: 10.3390/s19092098, 2019.

[20] S. Yu, K. S. Park, Y. H. Park, "A secure lightweight three-factor authentication scheme for IoT in cloud computing environment," Sensors, vol. 19 no. 16,DOI: 10.3390/s19163598, 2019.

[21] M. Alam, I. Jahan, L. J. Rosario, I. Jerin, "A comparative study of RSA and ECC and implementation of ECC on embedded systems," Algorithms, vol. 1, 2016.

[22] N. Koblitz, "Elliptic curve cryptosystems," Mathematics of Computation, vol. 48 no. 177, pp. 203-209, DOI: 10.1090/S0025-5718-1987-0866109-5, 1987.

[23] A. T. B. Jin, D. N. C. Ling, A. Goh, "Biohashing: two factor authentication featuring fingerprint data and tokenised random number," Pattern Recognition, vol. 37 no. 11, pp. 2245-2255, DOI: 10.1016/j.patcog.2004.04.011, 2004.

[24] I. Khan, S. A. Chaudhry, M. Sher, J. I. Khan, M. K. Khan, "An anonymous and provably secure biometric-based authentication scheme using chaotic maps for accessing medical drop box data," The Journal of Supercomputing, vol. 74 no. 8, pp. 3685-3703, DOI: 10.1007/s11227-016-1886-5, 2018.

[25] D. Mishra, P. Vijayakumar, V. Sureshkumar, R. Amin, S. K. H. Islam, P. Gope, "Efficient authentication protocol for secure multimedia communications in IoT-enabled wireless sensor networks," Multimedia Tools and Applications, vol. 77 no. 14, pp. 18295-18325, DOI: 10.1007/s11042-017-5376-4, 2018.

[26] R. Amin, G. P. Biswas, "A novel user authentication and key agreement protocol for accessing multi-medical server usable in tmis," Journal of Medical Systems, vol. 39 no. 3,DOI: 10.1007/s10916-015-0217-3, 2015.

[27] J. Moon, Y. Lee, J. Kim, D. Won, "Improving an anonymous and provably secure authentication protocol for a mobile user," Security and Communication Networks, vol. 2017, article 1378128,DOI: 10.1155/2017/1378128, 2017.

[28] M. Karuppiah, A. K. Das, X. Li, S. Kumari, F. Wu, S. A. Chaudhry, R. Niranchana, "Secure remote user mutual authentication scheme with key agreement for cloud environment," Mobile Networks and Applications, vol. 24 no. 3, pp. 1046-1062, DOI: 10.1007/s11036-018-1061-8, 2019.

[29] D. Wang, Q. Gu, H. Cheng, P. Wang, "The request for better measurement: a comparative evaluation of two-factor authentication schemes," Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, pp. 475-486, DOI: 10.1145/2897845.2897916, .

[30] F. Wang, G. Xu, G. Xu, Y. Wang, J. Peng, "A robust IoT-based three-factor authentication scheme for cloud computing resistant to session key exposure," Wireless Communications and Mobile Computing, vol. 2020,DOI: 10.1155/2020/3805058, 2020.

[31] B. Blanchet, "Modeling and verifying security protocols with the applied Pi calculus and ProVerif," Foundations and Trends® in Privacy and Security, vol. 1 no. 1-2,DOI: 10.1561/3300000004, 2016.

[32] S. A. Chaudhry, M. T. Khan, M. K. Khan, T. Shon, "A multiserver biometric authentication scheme for tmis using elliptic curve cryptography," Journal of Medical Systems, vol. 40 no. 11,DOI: 10.1007/s10916-016-0592-4, 2016.

[33] Q. Xie, B. Hu, X. Tan, M. Bao, X. Yu, "Robust anonymous two-factor authentication scheme for roaming service in global mobility network," Wireless Personal Communications, vol. 74 no. 2, pp. 601-614, DOI: 10.1007/s11277-013-1309-3, 2014.

[34] Q. Jiang, Z. Chen, B. Li, J. Shen, L. Yang, J. Ma, "Security analysis and improvement of bio-hashing based three-factor authentication scheme for telecare medical information systems," Journal of Ambient Intelligence and Humanized Computing, vol. 9 no. 4, pp. 1061-1073, DOI: 10.1007/s12652-017-0516-2, 2018.

[35] J. Ryu, H. Lee, H. Kim, D. Won, "Secure and efficient three-factor protocol for wireless sensor networks," Sensors, vol. 18 no. 12,DOI: 10.3390/s18124481, 2018.

[36] M. Burrows, M. Abadi, R. M. Needham, "A logic of authentication," Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences, vol. 426 no. 1871, pp. 233-271, 1989.

[37] L. Kocarev, S. Lian, Chaos-Based Cryptography: Theory, Algorithms and Applications,DOI: 10.1007/978-3-642-20542-2, 2011.

[38] Y. Zhao, S. Li, L. Jiang, T. Liu, "Security-enhanced three-factor remote user authentication scheme based on Chebyshev chaotic maps," International Journal of Distributed Sensor Networks, vol. 15 no. 4,DOI: 10.1177/1550147719842152, 2019.

Word count: 4897

Show less

Copyright © 2021 Hakjun Lee et al. This work is licensed under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.

Abstract

Cloud computing provides virtualized information technology (IT) resources to ensure the workflow desired by user at any time and location; it allows users to borrow computing resources such as software, storage, and servers, as per their needs without the requirements of complicated network and server configurations. With the generalization of small embedded sensor devices and the commercialization of the Internet of Things (IoT), short- and long-range wireless network technologies are being developed rapidly, and the demand for deployment of cloud computing for IoT is increasing significantly. Cloud computing, together with IoT technology, can be used to collect and analyse large amounts of data generated from sensor devices, and easily manage heterogeneous IoT devices such as software updates, network flow control, and user management. In cloud computing, attacks on users and servers can be a serious threat to user privacy. Thus, various user authentication schemes have been proposed to prevent different types of attacks. In this paper, we discuss the security and functional weakness of the related user authentication schemes used in cloud computing and propose a new elliptic curve cryptography- (ECC-) based three-factor authentication scheme to overcome the security shortcomings of existing authentication schemes. To confirm the security of the proposed scheme, we conducted both formal and informal analyses. Finally, we compared the performance of the proposed scheme with those of related schemes to verify that the proposed scheme can be deployed in the real world.

Details

Title

Secure Three-Factor Anonymous User Authentication Scheme for Cloud Computing Environment

Author

Lee, Hakjun¹

; Kang, Dongwoo²

; Lee, Youngsook¹

; Won, Dongho²

¹ Department of IT Software and Security, Howon University, Gunsan, Republic of Korea
² Department of Electrical and Computer Engineering, Sungkyunkwan University, Suwon, Republic of Korea

Editor

Chien-Ming Chen

Publication year

2021

Publication date

2021

Publisher

John Wiley & Sons, Inc.

e-ISSN

15308677

Source type

Scholarly Journal

Language of publication

English

DOI

https://doi.org/10.1155/2021/2098530

ProQuest document ID

2559337912

Secure Three-Factor Anonymous User Authentication Scheme for Cloud Computing Environment

Jump to:

Full text

Abstract

Details

Suggested sources