scholarly journals Efficient Multi-linear Key Pairing Cryptosystem for Reliable Cloud-based Service Provisioning

2021 ◽  
Vol 11 (4) ◽  
pp. 4440-4455
Author(s):  
Dr. Sabout Nagaraju ◽  
S.K.V. Jayakumar ◽  
C. Swetha Priya
Keyword(s):  
Cloud Computing ◽  
Key Management ◽  
Mutual Authentication ◽  
Critical Role ◽  
Service Provisioning ◽  
Secret Key ◽  
Session Key ◽  
Perfect Forward Secrecy ◽  
Key Leakage ◽  
Accuracy Rates

Cloud computing has gained rapid growth in the development of different fields of science and engineering. However, due to the distributed nature of cloud computing, session key generation and establishment is the pressing issue. Session key management plays the utmost important role in the secure exchange of sensitive login credentials and transaction information. Moreover, conventional session key management mechanisms are inadequate and cannot be directly adopted in cloud-based environments. Hence, session key management is very much solely needed solution for reliable cloud-based service provisioning. In mutual authentication, bi-linear key pairing cryptosystem plays a critical role to generate and establish a session key. The existing mutual authentication schemes fail to support true mutual authentication in cloud-based environments as they are vulnerable to secret key leakage, perfect forward secrecy, and untraceability. To mitigate the effect of these attacks, this research develops an efficient multi-linear key pairing cryptosystem. In this cryptosystem, challenge-response messages are used for generating and establishing a one-time shared session key. Furthermore, the performance analysis of the proposed cryptosystem depicts a significant reduction of computation cost, authentication accuracy rates, and resistance to the aforementioned attacks.

scholarly journals New Secure and Practical E-Mail Protocol with Perfect Forward Secrecy

Symmetry ◽  
2021 ◽  
Vol 13 (7) ◽  
pp. 1144
Author(s):  
Chien-Ding Lee ◽  
Tzung-Her Chen
Keyword(s):  
Key Management ◽  
Electronic Mail ◽  
Mutual Authentication ◽  
Computational Cost ◽  
The Internet ◽  
Security Level ◽  
Secret Key ◽  
Forward Secrecy ◽  
Perfect Forward Secrecy ◽  
E Mail

The invention of electronic mail (e-mail) has made communication through the Internet easier than before. However, because the fundamental functions of the Internet are built on opensource technologies, it is critical to keep all transmitted e-mail secure and secret. Most current e-mail protocols only allow recipients to check their e-mail after the recipients are authenticated by the e-mail server. Unfortunately, the subsequent e-mail transmission from the server to the recipient remains unprotected in the clear form without encryption. Sometimes, this is not allowed, especially in consideration of issues such as confidentiality and integrity. In this paper, we propose a secure and practical e-mail protocol with perfect forward secrecy, as well as a high security level, in which the session keys used to encrypt the last e-mail will not be disclosed even if the long-term secret key is compromised for any possible reason. Thus, the proposed scheme benefits from the following advantages: (1) providing mutual authentication to remove the threat of not only impersonation attacks, but also spam; (2) guaranteeing confidentiality and integrity while providing the service of perfect forward secrecy; (3) simplifying key management by avoiding the expense of public key infrastructure involvement; and (4) achieving lower computational cost while meeting security criteria compared to the related works. The security analysis and the discussion demonstrate that the proposed scheme works well.

scholarly journals An Efficient Chaotic Map-Based Authentication Scheme with Mutual Anonymity

2016 ◽  
Vol 2016 ◽  
pp. 1-10
Author(s):  
Yousheng Zhou ◽  
Junfeng Zhou ◽  
Feng Wang ◽  
Feng Guo
Keyword(s):  
Key Management ◽  
Chaotic Map ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Authentication Scheme ◽  
Session Key ◽  
The Real ◽  
Shared Key

A chaotic map-based mutual authentication scheme with strong anonymity is proposed in this paper, in which the real identity of the user is encrypted with a shared key between the user and the trusted server. Only the trusted server can determine the real identity of a user during the authentication, and any other entities including other users of the system get nothing about the user’s real identity. In addition, the shared key of encryption can be easily computed by the user and trusted server using the Chebyshev map without additional burdensome key management. Once the partnered two users are authenticated by the trusted server, they can easily proceed with the agreement of the session key. Formal security analysis demonstrates that the proposed scheme is secure under the random oracle model.

scholarly journals A Secure Lightweight Three-Factor Authentication Scheme for IoT in Cloud Computing Environment

Sensors ◽  
2019 ◽  
Vol 19 (16) ◽  
pp. 3598 ◽  
Author(s):  
SungJin Yu ◽  
KiSung Park ◽  
YoungHo Park
Keyword(s):  
Cloud Computing ◽  
Mutual Authentication ◽  
Internet Security ◽  
Authentication Scheme ◽  
Sensitive Information ◽  
Computing Environment ◽  
Session Key ◽  
Cloud Computing Environment ◽  
Smart Healthcare ◽  
Three Factor

With the development of cloud computing and communication technology, users can access the internet of things (IoT) services provided in various environments, including smart home, smart factory, and smart healthcare. However, a user is insecure various types of attacks, because sensitive information is often transmitted via an open channel. Therefore, secure authentication schemes are essential to provide IoT services for legal users. In 2019, Pelaez et al. presented a lightweight IoT-based authentication scheme in cloud computing environment. However, we prove that Pelaez et al.’s scheme cannot prevent various types of attacks such as impersonation, session key disclosure, and replay attacks and cannot provide mutual authentication and anonymity. In this paper, we present a secure and lightweight three-factor authentication scheme for IoT in cloud computing environment to resolve these security problems. The proposed scheme can withstand various attacks and provide secure mutual authentication and anonymity by utilizing secret parameters and biometric. We also show that our scheme achieves secure mutual authentication using Burrows–Abadi–Needham logic analysis. Furthermore, we demonstrate that our scheme resists replay and man-in-the-middle attacks usingthe automated validation of internet security protocols and applications (AVISPA) simulation tool. Finally, we compare the performance and the security features of the proposed scheme with some existing schemes. Consequently, we provide better safety and efficiency than related schemes and the proposed scheme is suitable for practical IoT-based cloud computing environment.

scholarly journals Formal security analysis of lightweight authenticated key agreement protocol for IoT in cloud computing

2021 ◽  
Vol 24 (1) ◽  
pp. 621
Author(s):  
Ahmed H. Aly ◽  
Atef Ghalwash ◽  
Mona M. Nasr ◽  
Ahmed A. Abd-El Hafez
Keyword(s):  
Cloud Computing ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Internet Security ◽  
Cyber Attacks ◽  
Session Key ◽  
Sensitive Data ◽  
Processing Power ◽  
Iot Devices

The internet of things (IoT) and cloud computing are evolving technologies in the information technology field. Merging the pervasive IoT technology with cloud computing is an innovative solution for better analytics and decision-making. Deployed IoT devices offload different types of data to the cloud, while cloud computing converges the infrastructure, links up the servers, analyzes information obtained from the IoT devices, reinforces processing power, and offers huge storage capacity. However, this merging is prone to various cyber threats that affect the IoT-Cloud environment. Mutual authentication is considered as the forefront mechanism for cyber-attacks as the IoT-Cloud participants have to ensure the authenticity of each other and generate a session key for securing the exchanged traffic. While designing these mechanisms, the constrained nature of the IoT devices must be taken into consideration. We proposed a novel lightweight protocol (Light-AHAKA) for authenticating IoT-Cloud elements and establishing a key agreement for encrypting the exchanged sensitive data was proposed. In this paper, the formal verification of (Light-AHAKA) was presented to prove and verify the correctness of our proposed protocol to ensure that the protocol is free from design flaws before the deployment phase. The verification is performed based on two different approaches, the strand space model and the automated validation of internet security protocols and applications (AVISPA) tool.

scholarly journals A Robust IoT-Based Three-Factor Authentication Scheme for Cloud Computing Resistant to Session Key Exposure

2020 ◽  
Vol 2020 ◽  
pp. 1-15 ◽  
Author(s):  
Feifei Wang ◽  
Guosheng Xu ◽  
Guoai Xu ◽  
Yuejie Wang ◽  
Junhao Peng
Keyword(s):  
Cloud Computing ◽  
Resource Sharing ◽  
Secure Communication ◽  
Formal Analysis ◽  
Mutual Authentication ◽  
Authentication Scheme ◽  
User Privacy ◽  
Session Key ◽  
Three Factor ◽  
Key Exposure

With the development of Internet of Things (IoT) technologies, Internet-enabled devices have been widely used in our daily lives. As a new service paradigm, cloud computing aims at solving the resource-constrained problem of Internet-enabled devices. It is playing an increasingly important role in resource sharing. Due to the complexity and openness of wireless networks, the authentication protocol is crucial for secure communication and user privacy protection. In this paper, we discuss the limitations of a recently introduced IoT-based authentication scheme for cloud computing. Furthermore, we present an enhanced three-factor authentication scheme using chaotic maps. The session key is established based on Chebyshev chaotic-based Diffie–Hellman key exchange. In addition, the session key involves a long-term secret. It ensures that our scheme is secure against all the possible session key exposure attacks. Besides, our scheme can effectively update user password locally. Burrows–Abadi–Needham logic proof confirms that our scheme provides mutual authentication and session key agreement. The formal analysis under random oracle model proves the semantic security of our scheme. The informal analysis shows that our scheme is immune to diverse attacks and has desired features such as three-factor secrecy. Finally, the performance comparisons demonstrate that our scheme provides optimal security features with an acceptable computation and communication overheads.

C-MAS: The Cloud Mutual Authentication Scheme

2013 ◽  
Vol 756-759 ◽  
pp. 3209-3214
Author(s):  
Zhen Peng Liu ◽  
Feng Long Wu ◽  
Kai Yu Shang ◽  
Wen Lei Chai
Keyword(s):  
Cloud Computing ◽  
Trusted Computing ◽  
Mutual Authentication ◽  
Computing Time ◽  
Cloud Service ◽  
Authentication Scheme ◽  
Session Key ◽  
Service Platform ◽  
Cloud Computing Environment ◽  
Cloud Computing Service

A cloud mutual authentication scheme (C-MAS) is proposed to solve the problem of authentication between user and cloud computing server. Trusted computing technology and traditional smart card methods are used in cloud computing service platform. The scheme completes the authentication of both sides in cloud computing, generates the session key according consulting, at the same time, verifies the credibility of cloud service platform. Analysis shows that our scheme can resist various kinds of possible attacks, so it is therefore more secure than other schemes. And the computing time meet the requirements of cloud computing environment.

A Rabin Cryptosystem-Based Lightweight Authentication Protocol and Session Key-Generation Scheme for IoT Deployment

2022 ◽  
pp. 88-106
Author(s):  
Priyanka Ahlawat ◽  
Ankit Attkan
Keyword(s):  
Sensor Network ◽  
Mutual Authentication ◽  
Sensitive Information ◽  
Session Key ◽  
Processing Power ◽  
Almost Complex ◽  
Man In The Middle ◽  
Key Leakage ◽  
Active Attacks ◽  
Lightweight Authentication

Handling unpredictable attack vulnerabilities in self-proclaiming secure algorithms in WSNs is an issue. Vulnerabilities provide loop holes for adversary to barge in the privacy of the network. Attacks performed by the attacker can be active or passive. Adversary may listen to the sensitive information and exploit its confidentiality which is passive, or adversary may modify sensitive information being transferred over a WSN in case of active attacks. As Internet of things has basically three layers, middle-ware layer, Application layer, perceptron layer, most of the attacks are observed to happen at the perceptron layer in case of both wireless sensor network and RFID Tag implication Layer. Both are a major part of the perceptron layer that consist a small part of the IoT. Some of the major attack vulnerabilities are exploited by executing the attacks through certain flaws in the protocol that are difficult to identify and almost complex to identify in complicated bigger protocols. As most of the sensors are resource constrained in terms of memory, battery power, processing power, bandwidth and due to which implementation of complex cryptosystem to keep the data being transferred secure is a challenging phase. The three main objectives studied in this scenario are setting up the system, registering user and the sensors via multiple gateways. Generating a common key which can be used for a particular interaction session among user, gateway and the sensor network. In this paper, we address one or more of these objectives for some of the fundamental problems in authentication and mutual authentication phase of the WSN in IoT deployment. We prevent the leakage of sensitive information using the rabin cryptosystem to avoid attacks like Man-in-the-middle attack, sensor session key leakage, all session hi-jacking attack and sniffing attacks in which data is analyzed maliciously by the adversary. We also compare and prove the security of our protocol using proverif protocol verifier tool.

scholarly journals Secure Key Agreement and Authentication Protocol for Message Confirmation in Vehicular Cloud Computing

2020 ◽  
Vol 10 (18) ◽  
pp. 6268
Author(s):  
JoonYoung Lee ◽  
SungJin Yu ◽  
MyeongHyun Kim ◽  
YoungHo Park ◽  
SangWoo Lee ◽  
...  
Keyword(s):  
Cloud Computing ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Internet Security ◽  
Malicious Attacks ◽  
Session Key ◽  
Vehicular Cloud Computing ◽  
Vehicular Cloud ◽  
Man In The Middle

With the development of vehicular ad-hoc networks (VANETs) and Internet of vehicles (IoVs), a large amount of useful information is generated for vehicle drivers and traffic management systems. The amount of vehicle and traffic information is as large as the number of vehicles and it is enormous when compared to vehicle calculation and storage performance. To resolve this problem, VANET uses a combined cloud computing technology, called vehicular cloud computing (VCC), which controls vehicle-related data, and helps vehicle drivers directly or indirectly. However, VANETs remain vulnerable to attacks such as tracking, masquerade and man-in-the-middle attacks because VANETs communicate via open networks. To overcome these issues, many researchers have proposed secure authentication protocols for message confirmation with vehicular cloud computing. However, many researchers have pointed out that some proposed protocols use ideal tamper-proof devices (TPDs). They demonstrated that realistic TPDs cannot prevent adversaries attack. Limbasiya et al. presented a message confirmation scheme for vehicular cloud computing using a realistic TPD in order to prevent these problems. However, their proposed scheme still has security weaknesses over a TPD and does not guarantee mutual authentication. This paper proposes a secure key agreement and authentication protocol to address the security weaknesses inherent in the protocol of Limbasiya et al. The suggested protocol withstands malicious attacks and ensures secure mutual authentication for privacy-preserving. We prove that the proposed protocol can provide session key security using Real-Or-Random (ROR) model. We also employed Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool to show that the proposed protocol is able to defeat replay and man-in-the-middle attacks. Furthermore, we established that the proposed protocol can resist other malicious attacks by conducting the informal security analysis. We proved that our proposed protocol is lightweight and suitable for VCC environments.

Secure Mechanisms for Key Shares in Cloud Computing

2018 ◽  
Vol 5 (3) ◽  
pp. 21-41
Author(s):  
Amar Buchade ◽  
Rajesh Ingle
Keyword(s):  
Cloud Computing ◽  
Key Management ◽  
Virtual Machines ◽  
The Novel ◽  
Management Algorithm ◽  
Cryptographic Algorithm ◽  
Key Leakage

The protection of the key is important due to the vulnerabilities which exist in cloud computing. In this article, algorithms and techniques for protection of the key in cloud computing are proposed. The algorithms to select the number of virtual machines is presented to protect the key. The existing key management algorithm is modified to address the key leakage issue. The novel techniques such as validation of key shares and key share resharing are introduced and analyzed for protection of the key. These techniques make the attackers incompetence to reconstruct the key. Further, for immediate access of protected resources, key reconstruction for key sizes of a cryptographic algorithm is also analyzed.

Sign in / Sign up

Export Citation Format

Share Document