Cryptanalysis and Improvement of a Smart Card Based Mutual Authentication Scheme in Cloud Computing

2016 ◽  
pp. 311-321 ◽  
Author(s):  
Qi Jiang ◽  
Bingyan Li ◽  
Jianfeng Ma ◽  
Youliang Tian ◽  
Yuanyuan Yang
Keyword(s):  
Cloud Computing ◽  
Smart Card ◽  
Mutual Authentication ◽  
Authentication Scheme

scholarly journals An Enhanced Lightweight IoT-based Authentication Scheme in Cloud Computing Circumstances

Sensors ◽  
2019 ◽  
Vol 19 (9) ◽  
pp. 2098 ◽  
Author(s):  
Rafael Martínez-Peláez ◽  
Homero Toral-Cruz ◽  
Jorge R. Parra-Michel ◽  
Vicente García ◽  
Luis J. Mena ◽  
...  
Keyword(s):  
Cloud Computing ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Authentication Scheme ◽  
Security Requirements ◽  
The Internet ◽  
Authentication Protocols ◽  
Security Vulnerabilities ◽  
Rapid Deployment ◽  
The Internet Of Things

With the rapid deployment of the Internet of Things and cloud computing, it is necessary to enhance authentication protocols to reduce attacks and security vulnerabilities which affect the correct performance of applications. In 2019 a new lightweight IoT-based authentication scheme in cloud computing circumstances was proposed. According to the authors, their protocol is secure and resists very well-known attacks. However, when we evaluated the protocol we found some security vulnerabilities and drawbacks, making the scheme insecure. Therefore, we propose a new version considering login, mutual authentication and key agreement phases to enhance the security. Moreover, we include a sub-phase called evidence of connection attempt which provides proof about the participation of the user and the server. The new scheme achieves the security requirements and resists very well-known attacks, improving previous works. In addition, the performance evaluation demonstrates that the new scheme requires less communication-cost than previous authentication protocols during the registration and login phases.

scholarly journals New Authentication Scheme to Secure against the Phishing Attack in the Mobile Cloud Computing

2019 ◽  
Vol 2019 ◽  
pp. 1-11 ◽  
Author(s):  
Munivel E ◽  
Kannammal A
Keyword(s):  
Cloud Computing ◽  
Service Provider ◽  
Mobile Cloud Computing ◽  
Mutual Authentication ◽  
Social Engineering ◽  
Cloud Services ◽  
Authentication Scheme ◽  
Protocol Verification ◽  
Mobile Cloud ◽  
Verification Tool

A phishing attack is one of the severe threats to the smartphone users. As per the recent lookout report, mobile phishing attack is increasing 85% year to year and going to become a significant threat to the smartphone users. This social engineering attack attempts to get the user’s password by disguising as trusted service provider. Most of the smartphone users are using the Internet services outside of the traditional firewall. Cloud-based documents are one of the primary targets of this phishing attack in mobile cloud computing. Also, most smartphone users are using the cloud storage in their device. To secure against this password attack in a mobile cloud environment, we propose a new authentication scheme to provide novel security to the mobile cloud services. This scheme will verify the user and service provider without transmitting the password using the Zero-knowledge proof based authentication protocol. Moreover, the proposed scheme will provide mutual authentication between the communication entities. The effectiveness of proposed scheme would be verified using protocol verification tool called Scyther.

scholarly journals Password authentication scheme based on smart card and QR code

2021 ◽  
Vol 23 (1) ◽  
pp. 140
Author(s):  
Mushtaq Hasson ◽  
Ali A. Yassin ◽  
Abdulla J. Yassin ◽  
Abdullah Mohammed Rashid ◽  
Aqeel A. Yaseen ◽  
...  
Keyword(s):  
Smart Card ◽  
Key Management ◽  
Service Providers ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Cloud Service ◽  
Cloud Services ◽  
Authentication Scheme ◽  
Qr Code ◽  
Practical Applications

As a hopeful computing paradigm, cloud services are obtainable to end users based on pay-as-you-go service. Security is represented one of the vital issues for the extended adoption of cloud computing, with the object of accessing several cloud service providers, applications, and services by using anonymity features to authenticate the user. We present a good authentication scheme based on quick response (QR) code and smart card. Furthermore, our proposed scheme has several crucial merits such as key management, mutual authentication, one-time password, user anonymity, freely chosen password, secure password changes, and revocation by using QR code. The security of proposed scheme depends on crypto-hash function, QR-code validation, and smart card. Moreover, we view that our proposed scheme can resist numerous malicious attacks and are more appropriate for practical applications than other previous works. The proposed scheme has proved as a strong mutual authentication based on burrows-abadi-needham (BAN) logic and security analysis. Furthermore, our proposed scheme has good results compared with related work.

Sign in / Sign up

Export Citation Format

Share Document