Top

The Journal of Supercomputing

Published in:

25-04-2023

Lightweight and authentic symmetric session key cryptosystem for client–server mobile communication

Authors: Zeeshan Ashraf, Adnan Sohail, Muhammad Yousaf

Published in: The Journal of Supercomputing | Issue 14/2023

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Over the last decade, millions of 4G and 5G-enabled mobile devices have become part of the Internet. Almost, all the applications have been shifted to smartphones. A person connects his smartphone to several other devices or remote servers for exchanging sensitive data. In this sense, security threats in terms of authentication, data confidentiality, and data integrity are increasing day by day for mobile devices. The asymmetric key cryptosystem is considered more secure, but it is heavyweight for smart devices on the basis of computation and communication costs. The symmetric key cryptosystem is considered lightweight for smart devices in terms of computation and communication overheads, but it is vulnerable to several attacks such as MITM attacks. Several symmetric key security systems have been proposed for smart devices but adopt complex mathematical procedures. Therefore, existing symmetric key security systems increase the computation and communication overheads. In this paper, we propose a lightweight and authentic symmetric key cryptosystem for resource-constrained mobile client–server environments. Our proposed cryptosystem consists of a lightweight symmetric session key exchange algorithm, mutual authentication service, and data confidentiality service, respectively. Moreover, we prove the robustness of our proposed cryptosystem with the help of informal and formal security analysis through the AVISPA tool. In addition, performance evaluation and comparisons with existing security systems show that our proposed cryptosystem is efficient, lightweight, secure, and most suitable for mobile computing.

previous article TTLA: two-way trust between clients and fog servers using Bayesian learning automata

next article Multivariate outlier filtering for A-NFVLearn: an advanced deep VNF resource usage forecasting technique

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Review WP (2022) Cell phones by country. http://worldpopulationreview.com/country-rankings/cell-phones-by-country.htm Accessed 2022-09-30

Byamungu RK (2021) Enhancing capacity and network performance of client-server architectures using mobile ipv6 host-based network protocol. Global J Comput Sci Technol 20:29

Siriwardhana Y, Porambage P, Liyanage M, Ylianttila M (2021) A survey on mobile augmented reality with 5g mobile edge computing: architectures, applications, and technical aspects. IEEE Commun Surv Tutorials 23(2):1160–1192CrossRef

Wu T-Y, Lee Z, Obaidat MS, Kumari S, Kumar S, Chen C-M (2020) An authenticated key exchange protocol for multi-server architecture in 5g networks. IEEE Access 8:28096–28108CrossRef

AlAhmad AS, Kahtan H, Alzoubi YI, Ali O, Jaradat A (2021) Mobile cloud computing models security issues: a systematic review. J Netw Comput Appl 190:103152CrossRef

Sagar Hossen M, Tabassum T, Ashiqul Islam, M, Karim R, Rumi LS, Kobita AA (2021) Digital signature authentication using asymmetric key cryptography with different byte number. In: Evolutionary Computing and Mobile Sustainable Networks: Proceedings of ICECMSN 2020, pp 845–851. Springer

Braeken A (2020) Symmetric key based 5g aka authentication protocol satisfying anonymity and unlinkability. Comput Netw 181:107424CrossRef

Braeken A (2022) Public key versus symmetric key cryptography in client-server authentication protocols. Int J Inf Secur 21(1):103–114CrossRef

Kumar S, Tyagi M, Khanna A, Fore V (2018) A survey of mobile computation offloading: Applications, approaches and challenges. In: 2018 International Conference on Advances in Computing and Communication Engineering (ICACCE), pp 51–58. IEEE

10.

Rajesh S, Paul V, Menon VG, Khosravi MR (2019) A secure and efficient lightweight symmetric encryption scheme for transfer of text files between embedded iot devices. Symmetry 11(2):293CrossRef

11.

Arumugam M, Deepa S, Arun G, Sathishkumar P, Jeevanantham K (2021) Secure data sharing for mobile cloud computing using rsa. In: IOP Conference Series: Materials Science and Engineering, 1055:012108. IOP Publishing

12.

Raniyal MS, Woungang I, Dhurandher SK (2018) An rsa-based user authentication scheme for smart-homes using smart card. In: International Conference on Intelligent, Secure, and Dependable Systems in Distributed and Cloud Environments, pp 16–29. Springer

13.

Bagha AM, Woungang I, Dhurandher SK, Traore I (2020) A rsa-biometric based user authentication scheme for smart homes using smartphones. In: International Conference on Advanced Information Networking and Applications, pp 845–857. Springer

14.

Somsuk K, Thakong M (2020) Authentication system for e-certificate by using rsa’s digital signature. TELKOMNIKA (Telecommun Comput Electron Control) 18(6):2948–2955CrossRef

15.

Suárez-Albela M, Fernández-Caramés TM, Fraga-Lamas P, Castedo L (2018) A practical performance comparison of ecc and rsa for resource-constrained iot devices. In: 2018 Global Internet of Things Summit (GIoTS), pp 1–6. IEEE

16.

Mo J, Hu Z, Chen H, Shen W (2019) An efficient and provably secure anonymous user authentication and key agreement for mobile cloud computing. Wireless Commun Mobile Comput 2019

17.

Qiu S, Xu G, Ahmad H, Xu G, Qiu X, Xu H (2019) An improved lightweight two-factor authentication and key agreement protocol with dynamic identity based on elliptic curve cryptography. KSII Trans Int Inform Syst (TIIS) 13(2):978–1002

18.

Mo J, Hu Z, Lin Y (2018) Remote user authentication and key agreement for mobile client-server environments on elliptic curve cryptography. J Supercomput 74(11):5927–5943CrossRef

19.

Kumari A, Jangirala S, Abbasi MY, Kumar V, Alam M (2020) Eseap: Ecc based secure and efficient mutual authentication protocol using smart card. J Inform Sec Appl 51:102443

20.

Qi M, Chen J (2017) An efficient two-party authentication key exchange protocol for mobile environment. Int J Commun Syst 30(16):3341CrossRef

21.

Luo M, Zhang Y, Khan MK, He D (2017) A secure and efficient identity-based mutual authentication scheme with smart card using elliptic curve cryptography. Int J Commun Syst 30(16):3333CrossRef

22.

Tsobdjou LD, Pierre S, Quintero A (2021) A new mutual authentication and key agreement protocol for mobile client-server environment. IEEE Trans Netw Serv Manage 18(2):1275–1286CrossRef

23.

Park K, Park Y, Park Y, Das AK (2018) 2pakep: provably secure and efficient two-party authenticated key exchange protocol for mobile environment. IEEE Access 6:30225–30241CrossRef

24.

Abarzúa R, Valencia C, López J (2019) Survey for performance & security problems of passive side-channel attacks countermeasures in ecc. Cryptology ePrint Archive

25.

Naher N, Haque M, et al (2019) Authentication of diffie-hellman protocol against man-in-the-middle attack using cryptographically secure crc. In: Proceedings of International Ethical Hacking Conference 2018, pp 139–150. Springer

26.

Mitra S, Das S, Kule M (2021) Prevention of the man-in-the-middle attack on diffie–hellman key exchange algorithm: A review. In: Proceedings of International Conference on Frontiers in Computing and Systems, pp 625–635. Springer

27.

Ashraf Z, Sohail A, Yousaf M (2023) Robust and lightweight symmetric key exchange algorithm for next-generation IoE. Int Things 22:100703CrossRef

28.

Lu Y, Li L, Peng H, Yang Y (2016) Robust anonymous two-factor authenticated key exchange scheme for mobile client-server environment. Sec Commun Net 9(11):1331–1339CrossRef

29.

Mahmood K, Rehman A, Chaudhary P, Li X, Wu F, Kumari S (2020) Revised anonymous authentication protocol for adaptive client-server infrastructure. Int J Commun Syst 33(4):4253CrossRef

30.

Wu T-Y, Meng Q, Yang L, Guo X, Kumari S (2022) A provably secure lightweight authentication protocol in mobile edge computing environments. J Supercomput 78(12):13893–13914CrossRef

31.

Shashidhara R, Bojjagani S, Maurya AK, Kumari S, Xiong H (2020) A robust user authentication protocol with privacy-preserving for roaming service in mobility environments. Peer-to-peer Net Appl 13:1943–1966CrossRef

32.

Shashidhara R, Lajuvanthi M, Akhila S (2021) A secure and privacy-preserving mutual authentication system for global roaming in mobile networks. Arabian J Sci Eng 47:1435–1446CrossRef

33.

Madhusudhan R (2020) Mobile user authentication protocol with privacy preserving for roaming service in glomonet. Peer-to-Peer Net Appl 13:82–103CrossRef

34.

Watini S, Nurhaeni T, Meria L (2021) Development of village office service models to community based on mobile computing. Int J Cyber IT Serv Manage 1(2):189–196CrossRef

35.

Deering S, Hinden R (2017) Internet protocol, version 6 (ipv6) specification. Technical report

36.

Dutta N, Sarma HKD (2022) Efficient mobility management in ip networks through three layered mipv6. J Ambient Intell Humaniz Comput 13(6):3209–3227CrossRef

37.

Ashraf Z, Sohail A, Latif S, Hameed A, Yousaf M (2023) Challenges and mitigation strategies for transition from ipv4 network to virtualized next-generation ipv6 network. Int. Arab J. Inform. Technol. 20(1):78–91

38.

Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208MathSciNetCrossRefMATH

39.

Verma R, Dhanda N, Nagar V (2022) Enhancing security with in-depth analysis of brute-force attack on secure hashing algorithms. In: Proceedings of Trends in Electronics and Health Informatics: TEHI 2021, pp 513–522. Springer

40.

Barker E, Dang Q (2020) Nist special publication 800-57 part 1, revision 5: Recommendation for key management: Part 1–general. Cited on, 58

41.

Lawrence T, Li F, Ali I, Kpiebaareh MY, Haruna CR, Christopher T (2021) An hmac-based authentication scheme for network coding with support for error correction and rogue node identification. J Syst Architect 116:102051CrossRef

42.

Kelly S, Frankel S (2007) Using hmac-sha-256, hmac-sha-384, and hmac-sha-512 with ipsec. Technical report

43.

Dambhare SA, Walde RR, Bhogekar SR, Ranajit S, Kotgiriwar RS, Langde SS (2022) Design and implementation of encryption tool using advanced encryption standard (aes). In: 2022 International Conference on Electronics and Renewable Systems (ICEARS), pp 870–874. IEEE

44.

Pandian R, Columbus C (2022) An analytical approach for optimal secured data storage on cloud server for online education platform. Geoscientific Instrumentation, Methods and Data Systems Discussions 1–36

45.

Yan X, Yan K, Rehman MU, Ullah S (2022) Impersonation attack detection in mobile edge computing by levering sarsa technique in physical layer security. Appl Sci 12:10225CrossRef

46.

Bharath K, Kumar MR (2022) New replay attack detection using iterative adaptive inverse filtering and high frequency band. Expert Syst Appl 195:116597CrossRef

47.

Fan Q, Chen J, Shojafar M, Kumari S, He D (2022) Sake*: a symmetric authenticated key exchange protocol with perfect forward secrecy for industrial internet of things. IEEE Trans Indus Inform 18(9):6424–6434CrossRef

48.

Rahman S, Uddin J, Khan HU, Hussain H, Khan AA, Zakarya M (2022) A novel steganography technique for digital images using the least significant bit substitution method. IEEE Access 10:124053–124075CrossRef

49.

Armando A, Basin D, Boichut Y, Chevalier Y, Compagna L, Cuéllar J, Drielsma PH, Héam P-C, Kouchnarenko O, Mantovani J, et al (2005) The avispa tool for the automated validation of internet security protocols and applications. In: International Conference on Computer Aided Verification, pp 281–285. Springer

50.

Genet T SPAN: Security protocol animator for AVISPA. http://people.irisa.fr/Thomas.Genet/span/ Accessed 2023-03-22

Title: Lightweight and authentic symmetric session key cryptosystem for client–server mobile communication
Authors: Zeeshan Ashraf
Adnan Sohail
Muhammad Yousaf
Publication date: 25-04-2023
Publisher: Springer US
Published in: The Journal of Supercomputing / Issue 14/2023
Print ISSN: 0920-8542
Electronic ISSN: 1573-0484
DOI: https://doi.org/10.1007/s11227-023-05239-7

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Other articles of this Issue 14/2023

Multivariate outlier filtering for A-NFVLearn: an advanced deep VNF resource usage forecasting technique

On forcibly k-edge-connected and forcibly super edge-connected uniform hypergraphic sequences

The HSGWO-MPIO algorithm based on improved search capability

FSCN: a novel forwarding method based on Shannon entropy and COPRAS decision process in named data networking

Enhanced aerial vehicle system techniques for detection and tracking in fog, sandstorm, and snow conditions

A machine learning-based resource-efficient task scheduler for heterogeneous computer systems

Premium Partner