nach oben

Cluster Computing

Erschienen in:

29.05.2023

A design of provably secure multi-factor ECC-based authentication protocol in multi-server cloud architecture

verfasst von: Shivangi Shukla, Sankita J. Patel

Erschienen in: Cluster Computing | Ausgabe 2/2024

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The emerging cloud infrastructure has escalated number of servers offering flexible and diverse remote services through public channels. However, user authentication in conventional single-server architecture necessitates multiple smart cards maintenance and passwords memorization to access different cloud servers. To address this limitation, researchers devised authentication protocols for multi-server architecture that offers scalable platform wherein users can access multiple servers with single registration. The multi-factor authentication protocols leverage biometric keys to bind users’ physical characteristics with their identity, offering higher security than two-factor authentication protocols. However, the existing protocols for multi-server architecture are prone to replay, user impersonation, denial of service, server spoofing attacks and lack security functionalities such as user anonymity and untraceability, backward and forward secrecy, and session key security. Moreover, the incorporation of registration center (RC) to authenticate each pair of user-server in multi-server architecture can lead to computational bottleneck and single-point failure issues on RC. To overcome these security loopholes, we design a novel provably secure multi-factor elliptic curve cryptography (ECC) based authentication protocol for multi-server architecture with offline RC for cloud environment. The formal security analysis under widely accepted real-or-random (ROR) model and informal security analysis of proposed protocol demonstrate provision of security functionalities and resilience against potential security attacks. Furthermore, we adopt Scyther security verification tool to verify our protocol’s correctness and security properties. The performance evaluation demonstrates that our protocol offers robust security functionalities with reasonable communication and computation overheads than state-of-the-art protocols.

Vorheriger Artikel CSADE: a delay-sensitive scheduling method based on task admission and delay evaluation on edge–cloud collaboration

Nächster Artikel Two-stage scheduling for a fluctuant big data stream on heterogeneous servers with multicores in a data center

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Masud, M., Gaba, G.S., Choudhary, K., Alroobaea, R., Hossain, M.S.: A robust and lightweight secure access scheme for cloud based e-healthcare services. Peer-to-peer Netw. Appl. 14(5), 3043–3057 (2021). https://doi.org/10.1007/s12083-021-01162-xCrossRef

Sudarsa, D., Sivakumar, A.: An effective and secured authentication and sharing of data with dynamic groups in cloud. Data Knowl. Eng. 145, 102125 (2023). https://doi.org/10.1016/j.datak.2022.102125CrossRef

Anakath, A., Rajakumar, S., Ambika, S.: Privacy preserving multi factor authentication using trust management. Clust. Comput. 22(Suppl 5), 10817–10823 (2019). https://doi.org/10.1007/s10586-017-1181-0CrossRef

Tabrizchi, H., Rafsanjani, M.K.: A survey on security challenges in cloud computing: issues, threats, and solutions. J. Supercomput. 76(12), 9493–9532 (2020). https://doi.org/10.1007/s11227-020-03213-1CrossRef

Jangjou, M., Sohrabi, M.K.: A comprehensive survey on security challenges in different network layers in cloud computing. Arch. Comput. Methods Eng. (2022). https://doi.org/10.1007/s11831-022-09708-9CrossRef

Wang, D., Wang, P., Wang, C.: Efficient multi-factor user authentication protocol with forward secrecy for real-time data access in wsns. ACM Trans. Cyber-Phys. Syst. 4(3), 1–26 (2020). https://doi.org/10.1145/3325130CrossRef

Xu, M., Wang, D., Wang, Q., Jia, Q.: Understanding security failures of anonymous authentication schemes for cloud environments. J. Syst. Architect. (2021). https://doi.org/10.1016/j.sysarc.2021.102206CrossRef

Ali, R., Pal, A.K., Kumari, S., Karuppiah, M., Conti, M.: A secure user authentication and key-agreement scheme using wireless sensor networks for agriculture monitoring. Futur. Gener. Comput. Syst. 84, 200–215 (2018). https://doi.org/10.1016/j.future.2017.06.018CrossRef

Kumari, A., Jangirala, S., Abbasi, M.Y., Kumar, V., Alam, M.: Eseap: Ecc based secure and efficient mutual authentication protocol using smart card. J. Inf. Secur. Appl. 51, 102443 (2020). https://doi.org/10.1016/j.jisa.2019.102443CrossRef

10.

Alam, I., Kumar, M.: A novel protocol for efficient authentication in cloud-based iot devices. Multimed. Tools Appl. (2022). https://doi.org/10.1007/s11042-022-11927-yCrossRef

11.

Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5), 541–552 (2002). https://doi.org/10.1109/TC.2002.1004593MathSciNetCrossRef

12.

Al-Saggaf, A.A., Sheltami, T., Alkhzaimi, H., Ahmed, G.: Lightweight two-factor-based user authentication protocol for iot-enabled healthcare ecosystem in quantum computing. Arab. J. Sci. Eng. 48, 2347–2357 (2023). https://doi.org/10.1007/s13369-022-07235-0CrossRef

13.

Masdari, M., Ahmadzadeh, S.: A survey and taxonomy of the authentication schemes in telecare medicine information systems. J. Netw. Comput. Appl. 87, 1–19 (2017). https://doi.org/10.1016/j.jnca.2017.03.003CrossRef

14.

Bouchaala, M., Ghazel, C., Saidane, L.A.: Enhancing security and efficiency in cloud computing authentication and key agreement scheme based on smart card. J. Supercomput. (2021). https://doi.org/10.1007/s11227-021-03857-7CrossRef

15.

Chen, Y., Chen, J.: An efficient and privacy-preserving mutual authentication with key agreement scheme for telecare medicine information system. Peer-to-Peer Netw. Appl. 15(1), 516–528 (2022). https://doi.org/10.1007/s12083-021-01260-wCrossRef

16.

Sahoo, S.S., Mohanty, S., Majhi, B.: Improved biometric-based mutual authentication and key agreement scheme using ecc. Wirel. Pers. Commun. 111(2), 991–1017 (2020). https://doi.org/10.1007/s11277-019-06897-8CrossRef

17.

Haq, I.U., Wang, J., Zhu, Y., Maqbool, S.: A survey of authenticated key agreement protocols for multi-server architecture. J. Inf. Secur. Appl. 55, 102639 (2020). https://doi.org/10.1016/j.jisa.2020.102639CrossRef

18.

Chatterjee, S., Roy, S., Das, A.K., Chattopadhyay, S., Kumar, N., Vasilakos, A.V.: Secure biometric-based authentication scheme using chebyshev chaotic map for multi-server environment. IEEE Trans. Dependable Secure Comput. 15(5), 824–839 (2016). https://doi.org/10.1109/TDSC.2016.2616876CrossRef

19.

Chuang, M.-C., Chen, M.C.: An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics. Expert Syst. Appl. 41(4), 1411–1418 (2014). https://doi.org/10.1016/j.eswa.2013.08.040CrossRef

20.

Mishra, D., Das, A.K., Mukhopadhyay, S.: A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Syst. Appl. 41(18), 8129–8143 (2014). https://doi.org/10.1016/j.eswa.2014.07.004CrossRef

21.

Shen, H., Gao, C., He, D., Wu, L.: New biometrics-based authentication scheme for multi-server environment in critical systems. J. Ambient. Intell. Humaniz. Comput. 6(6), 825–834 (2015). https://doi.org/10.1007/s12652-015-0305-8CrossRef

22.

Lu, Y., Li, L., Peng, H., Yang, Y.: A biometrics and smart cards-based authentication scheme for multi-server environments. Secur. Commun. Netw. 8(17), 3219–3228 (2015). https://doi.org/10.1002/sec.1246CrossRef

23.

Ryu, J., Oh, J., Kwon, D., Son, S., Lee, J., Park, Y., Park, Y.: Secure ecc-based three-factor mutual authentication protocol for telecare medical information system. IEEE Access 10, 11511–11526 (2022). https://doi.org/10.1109/ACCESS.2022.3145959CrossRef

24.

Bae, W.I., Kwak, J.: Smart card-based secure authentication protocol in multi-server iot environment. Multimed. Tools Appl. 79, 15793–15811 (2020). https://doi.org/10.1007/s11042-017-5548-2CrossRef

25.

Lee, C.-C., Lin, T.-H., Chang, R.-X.: A secure dynamic id based remote user authentication scheme for multi-server environment using smart cards. Expert Syst. Appl. 38(11), 13863–13870 (2011). https://doi.org/10.1016/j.eswa.2011.04.190CrossRef

26.

Li, X., Ma, J., Wang, W., Xiong, Y., Zhang, J.: A novel smart card and dynamic id based remote user authentication scheme for multi-server environments. Math. Comput. Model. 58(1–2), 85–95 (2013). https://doi.org/10.1016/j.mcm.2012.06.033CrossRef

27.

Yoon, E.-J., Yoo, K.-Y.: Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem. J. Supercomput. 63(1), 235–255 (2013). https://doi.org/10.1007/s11227-010-0512-1CrossRef

28.

Kim, H., Jeon, W., Lee, K., Lee, Y., Won, D.: Cryptanalysis and improvement of a biometrics-based multi-server authentication with key agreement scheme. In: International conference on computational science and its applications, Springer, pp. 391–406 (2012). https://doi.org/10.1007/978-3-642-31137-6_30

29.

He, D., Wang, D.: Robust biometrics-based authentication scheme for multiserver environment. IEEE Syst. J. 9(3), 816–823 (2015). https://doi.org/10.1109/JSYST.2014.2301517CrossRef

30.

Odelu, V., Das, A.K., Goswami, A.: A secure biometrics-based multi-server authentication protocol using smart cards. IEEE Trans. Inf. Forensics Secur. 10(9), 1953–1966 (2015). https://doi.org/10.1109/TIFS.2015.2439964CrossRef

31.

Chaturvedi, A., Das, A.K., Mishra, D., Mukhopadhyay, S.: Design of a secure smart card-based multi-server authentication scheme. J. Inf. Secur. Appl. 30, 64–80 (2016). https://doi.org/10.1016/j.jisa.2016.05.006CrossRef

32.

Ali, R., Pal, A.K.: Three-factor-based confidentiality-preserving remote user authentication scheme in multi-server environment. Arab. J. Sci. Eng. 42(8), 3655–3672 (2017). https://doi.org/10.1007/s13369-017-2665-1MathSciNetCrossRef

33.

Kumari, S., Li, X., Wu, F., Das, A.K., Choo, K.-K.R., Shen, J.: Design of a provably secure biometrics-based multi-cloud-server authentication scheme. Futur. Gener. Comput. Syst. 68, 320–330 (2017). https://doi.org/10.1016/j.future.2016.10.004CrossRef

34.

Feng, Q., He, D., Zeadally, S., Wang, H.: Anonymous biometrics-based authentication scheme with key distribution for mobile multi-server environment. Futur. Gener. Comput. Syst. 84, 239–251 (2018). https://doi.org/10.1016/j.future.2017.07.040CrossRef

35.

Kumar, A., Om, H.: An improved and secure multiserver authentication scheme based on biometrics and smartcard. Digit. Commun. Networks 4(1), 27–38 (2018). https://doi.org/10.1016/j.dcan.2017.09.004CrossRef

36.

Barman, S., Das, A.K., Samanta, D., Chattopadhyay, S., Rodrigues, J.J., Park, Y.: Provably secure multi-server authentication protocol using fuzzy commitment. IEEE Access 6, 38578–38594 (2018). https://doi.org/10.1109/ACCESS.2018.2854798CrossRef

37.

Jangirala, S., Mukhopadhyay, S., Das, A.K.: A multi-server environment with secure and efficient remote user authentication scheme based on dynamic id using smart cards. Wirel. Pers. Commun. 95(3), 2735–2767 (2017). https://doi.org/10.1007/s11277-017-3956-2CrossRef

38.

Sahoo, S.S., Mohanty, S., Majhi, B.: An improved and secure two-factor dynamic id based authenticated key agreement scheme for multiserver environment. Wirel. Pers. Commun. 101(3), 1307–1333 (2018). https://doi.org/10.1007/s11277-018-5764-8CrossRef

39.

Lwamo, N.M., Zhu, L., Xu, C., Sharif, K., Liu, X., Zhang, C.: Suaa: a secure user authentication scheme with anonymity for the single & multi-server environments. Inf. Sci. 477, 369–385 (2019). https://doi.org/10.1016/j.ins.2018.10.037CrossRef

40.

Yao, H., Wang, C., Fu, X., Liu, C., Wu, B., Li, F.: A privacy-preserving rlwe-based remote biometric authentication scheme for single and multi-server environments. IEEE Access 7, 109597–109611 (2019). https://doi.org/10.1109/ACCESS.2019.2933576CrossRef

41.

Barman, S., Shum, H.P., Chattopadhyay, S., Samanta, D.: A secure authentication protocol for multi-server-based e-healthcare using a fuzzy commitment scheme. IEEE Access 7, 12557–12574 (2019). https://doi.org/10.1109/ACCESS.2019.2893185CrossRef

42.

Ali, Z., Hussain, S., Rehman, R.H.U., Munshi, A., Liaqat, M., Kumar, N., Chaudhry, S.A.: Itssaka-ms: an improved three-factor symmetric-key based secure aka scheme for multi-server environments. IEEE Access 8, 107993–108003 (2020). https://doi.org/10.1109/ACCESS.2020.3000716CrossRef

43.

Sahoo, S.S., Mohanty, S., Majhi, B.: A secure three factor based authentication scheme for health care systems using iot enabled devices. J. Ambient. Intell. Humaniz. Comput. 12(1), 1419–1434 (2021). https://doi.org/10.1007/s12652-020-02213-6CrossRef

44.

Luo, H., Wang, F., Xu, G.: Provably secure ecc-based three-factor authentication scheme for mobile cloud computing with offline registration centre. Wirel. Commun. Mob. Comput. (2021). https://doi.org/10.1155/2021/8848032CrossRef

45.

Sharma, R., Arya, R.: A secure authentication technique for connecting different iot devices in the smart city infrastructure. Clust. Comput. 25(4), 2333–2349 (2022). https://doi.org/10.1007/s10586-021-03444-8CrossRef

46.

Jegadeesan, S., Obaidat, M.S., Vijayakumar, P., Azees, M., Karuppiah, M.: Efficient privacy-preserving anonymous authentication scheme for human predictive online education system. Clust. Comput. 25(4), 2557–2571 (2022). https://doi.org/10.1007/s10586-021-03390-5CrossRef

47.

Sivaselvan, N., Bhat, K.V., Rajarajan, M., Das, A.K., Rodrigues, J.J.: Suacc-iot: secure unified authentication and access control system based on capability for iot. Clust. Comput. (2022). https://doi.org/10.1007/s10586-022-03733-wCrossRef

48.

Itoo, S., Ahmad, M., Kumar, V., Alkhayyat, A.: Rkmis: robust key management protocol for industrial sensor network system. J. Supercomput. 79, 1–29 (2023). https://doi.org/10.1007/s11227-022-05041-xCrossRef

49.

Hammami, H., Yahia, S.B., Obaidat, M.S.: A novel efficient and lightweight authentication scheme for secure smart grid communication systems. J. Supercomput. 79, 1–17 (2022). https://doi.org/10.1007/s11227-022-04944-zCrossRef

50.

Limbasiya, T., Sahay, S.K., Sridharan, B.: Privacy-preserving mutual authentication and key agreement scheme for multi-server healthcare system. Inf. Syst. Front. (2021). https://doi.org/10.1007/s10796-021-10115-xCrossRef

51.

Roy, P.K., Bhattacharya, A.: A group key-based lightweight mutual authentication and key agreement (maka) protocol for multi-server environment. J. Supercomput. (2021). https://doi.org/10.1007/s11227-021-04114-7CrossRef

52.

Koblitz, N.: Elliptic curve cryptosystems. Math. Comput. 48(177), 203–209 (1987). https://doi.org/10.1090/S0025-5718-1987-0866109-5MathSciNetCrossRef

53.

Miller, V. S.: Use of elliptic curves in cryptography. In: Conference on the theory and application of cryptographic techniques, Springer, pp. 417–426 (1985). https://doi.org/10.1007/3-540-39799-X_31

54.

Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In: International conference on the theory and applications of cryptographic techniques. Springer, pp. 523–540 (2004). https://doi.org/10.1007/978-3-540-24676-3_31

55.

Sarkar, P.: A simple and generic construction of authenticated encryption with associated data. ACM Tran. Inf. Syst. Secur. 13(4), 1–16 (2010). https://doi.org/10.1145/1880022.1880027CrossRef

56.

Stinson, D.R.: Some observations on the theory of cryptographic hash functions. Des. Codes Crypt. 38(2), 259–277 (2006). https://doi.org/10.1007/s10623-005-6344-yMathSciNetCrossRef

57.

Kocher, P., Jaffe, J., Jun, B., Rohatgi, P.: Introduction to differential power analysis. J. Cryptogr. Eng. 1(1), 5–27 (2011). https://doi.org/10.1007/s13389-011-0006-yCrossRef

58.

Smart Card Overview, [Online], https://www.oracle.com/java/technologies/java-card/smartcards.html. Accessed 24 Feb 2023

59.

Abdalla, M., Fouque, P.-A., Pointcheval, D.: Password-based authenticated key exchange in the three-party setting. In: International Workshop on Public Key Cryptography, Springer, pp. 65–84 (2005). https://doi.org/10.1007/978-3-540-30580-4_6

60.

Rafique, F., Obaidat, M.S., Mahmood, K., Ayub, M.F., Ferzund, J., Chaudhry, S.A.: An efficient and provably secure certificateless protocol for industrial internet of things. IEEE Trans. Ind. Inf. 18(11), 8039–8046 (2022). https://doi.org/10.1109/TII.2022.3156629CrossRef

61.

Ayub, M.F., Saleem, M.A., Altaf, I., Mahmood, K., Kumari, S.: Fuzzy extraction and puf based three party authentication protocol using usb as mass storage device. J. Inf. Secur. Appl. 55, 102585 (2020). https://doi.org/10.1016/j.jisa.2020.102585CrossRef

62.

Zahoor, A., Mahmood, K., Shamshad, S., Saleem, M.A., Ayub, M.F., Conti, M., Das, A.K.: An access control scheme in iot-enabled smart-grid systems using blockchain and puf. Internet of Things (2023). https://doi.org/10.1016/j.iot.2023.100708CrossRef

63.

Wu, F., Xu, L., Kumari, S., Li, X.: A novel and provably secure biometrics-based three-factor remote authentication scheme for mobile client-server networks. Comput. Electr. Eng. 45, 274–285 (2015). https://doi.org/10.1016/j.compeleceng.2015.02.015CrossRef

64.

Jain, A.K., Nandakumar, K., Nagar, A.: Biometric template security. EURASIP J. Adv. Signal Process. 2008, 1–17 (2008). https://doi.org/10.1155/2008/579416CrossRef

65.

Cremers, C.J.: The Scyther tool: verification, falsification, and analysis of security protocols. In: International Conference on Computer Aided Verification, Springer, pp. 414–418 (2008). https://doi.org/10.6100/IR614943

66.

Rehman, H.U., Ghani, A., Chaudhry, S.A., Alsharif, M.H., Nabipour, N.: A secure and improved multi server authentication protocol using fuzzy commitment. Multimed. Tools Appl. 80(11), 16907–16931 (2021). https://doi.org/10.1007/s11042-020-09078-zCrossRef

Titel: A design of provably secure multi-factor ECC-based authentication protocol in multi-server cloud architecture
verfasst von: Shivangi Shukla
Sankita J. Patel
Publikationsdatum: 29.05.2023
Verlag: Springer US
Erschienen in: Cluster Computing / Ausgabe 2/2024
Print ISSN: 1386-7857
Elektronische ISSN: 1573-7543
DOI: https://doi.org/10.1007/s10586-023-04034-6

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 2/2024

An efficient multi-objective scheduling algorithm based on spider monkey and ant colony optimization in cloud computing

Framework for wrapping binary swarm optimizers to the hybrid parallel cooperative coevolving version

Knowledge-based multi-objective estimation of distribution algorithm for solving reliability constrained cloud workflow scheduling

Improved Harris Hawks Optimizer with chaotic maps and opposition-based learning for task scheduling in cloud environment

EIoT-DDoS: embedded classification approach for IoT traffic-based DDoS attacks

Hybrid modified particle swarm optimization with genetic algorithm (GA) based workflow scheduling in cloud-fog environment for multi-objective optimization

Premium Partner