Online citations, reference lists, and bibliographies.
Please confirm you are human
(Sign Up for free to never see this)
← Back to Search

An Enhanced User Authentication Protocol Based On Elliptic Curve Cryptosystem In Cloud Computing Environment

Chenyu Wang, Ke Ding, B. Li, Y. Zhao, Guoai Xu, Y. Guo, P. Wang
Published 2018 · Computer Science

Save to my Library
Download PDF
Analyze on Scholarcy
Share
With the popularity of cloud computing, information security issues in the cloud environment are becoming more and more prominent. As the first line of defense to ensure cloud computing security, user authentication has attracted extensive attention. Though considerable efforts have been paid for a secure and practical authentication scheme in cloud computing environment, most attempts ended in failure. The design of a secure and efficient user authentication scheme for cloud computing remains a challenge on the one hand and user’s smart card or mobile devices are of limited resource; on the other hand, with the combination of cloud computing and the Internet of Things, applications in cloud environments often need to meet various security requirements and are vulnerable to more attacks. In 2018, Amin et al. proposed an enhanced user authentication scheme in cloud computing, hoping to overcome the identified security flaws of two previous schemes. However, after a scrutinization of their scheme, we revealed that it still suffers from the same attacks (such as no user anonymity, no forward secrecy, and being vulnerable to offline dictionary attack) as the two schemes they compromised. Consequently, we take the scheme of Amin et al. (2018) as a study case, we discussed the inherent reason and the corresponding solutions to authentication schemes for cloud computing environment in detail. Next, we not only proposed an enhanced secure and efficient scheme, but also explained the design rationales for a secure cloud environment protocol. Finally, we applied BAN logic and heuristic analysis to show the security of the protocol and compared our scheme with related schemes. The results manifest the superiority of our scheme.
This paper references
10.1007/978-3-642-33469-6_34
Comments on an Advanced Dynamic ID-Based Authentication Scheme for Cloud Computing
Ding Wang (2012)
10.1109/JSYST.2014.2322973
A Privacy-Aware Authentication Scheme for Distributed Mobile Cloud Computing Services
Jia-Lun Tsai (2015)
10.1002/sec.1573
Provably secure user authentication and key agreement scheme for wireless sensor networks
A. K. Das (2016)
10.1145/77648.77649
A logic of authentication
M. Burrows (1990)
10.3390/s17122946
An Enhanced Three-Factor User Authentication Scheme Using Elliptic Curve Cryptosystem for Wireless Sensor Networks
Chenyu Wang (2017)
10.1109/ICICS.2013.6782791
A user authentication scheme on multi-server environments for cloud computing
Jen-Ho Yang (2013)
10.1109/TDSC.2013.2297110
Robust Multi-Factor Authentication for Fragile Communications
Xinyi Huang (2014)
10.1002/dac.2468
Security flaws in two improved remote user authentication schemes using smart cards
C. Ma (2014)
10.1109/TII.2018.2834351
Measuring Two-Factor Authentication Schemes for Real-Time Data Access in Industrial Wireless Sensor Networks
Ding Wang (2018)
Draft nist working definition of cloud computing,”National
T. Mell (2009)
10.1109/ACCESS.2017.2764913
On the Design of Provably Secure Lightweight Remote User Authentication Scheme for Mobile Cloud Computing Services
S. Roy (2017)
10.1109/TIFS.2016.2573746
Efficient and Anonymous Mobile User Authentication Protocol Using Self-Certified Public Key Cryptography for Multi-Server Architectures
D. He (2016)
10.1016/j.compeleceng.2017.03.016
Efficient end-to-end authentication protocol for wearable health monitoring systems
Qi Jiang (2017)
10.1109/TDSC.2014.2355850
Anonymous Two-Factor Authentication in Distributed Systems: Certain Goals Are Beyond Attainment
Ding Wang (2015)
10.1155/2017/1619741
Cryptanalysis of Three Password-Based Remote User Authentication Schemes with Non-Tamper-Resistant Smart Card
Chenyu Wang (2017)
10.1002/dac.3336
A lightweight password-based authentication protocol using smart card
Chenyu Wang (2017)
10.1155/2018/9062675
A Secure and Anonymous Two-Factor Authentication Protocol in Multiserver Environment
Chenyu Wang (2018)
10.1007/s11227-017-2048-0
A secure authentication scheme based on elliptic curve cryptography for IoT and cloud servers
S. Kumari (2018)
10.1016/j.comcom.2010.02.031
A strong user authentication scheme with smart cards for wireless communications
Daojing He (2011)
10.1002/sec.1591
Provably secure biometric-based user authentication and key agreement scheme in cloud computing
M. Wazid (2016)
10.1109/TIFS.2017.2721359
Zipf’s Law in Passwords
Ding Wang (2017)
10.1016/j.future.2016.12.028
A light weight authentication protocol for IoT-enabled devices in distributed Cloud Computing environment
R. Amin (2018)
10.1016/j.comnet.2014.07.010
On the anonymity of two-factor authentication schemes for wireless sensor networks: Attacks, principle and solutions
Ding Wang (2014)
10.1007/S11277-017-4203-6
A Novel Smart Card Based User Authentication and Key Agreement Scheme for Heterogeneous Wireless Sensor Networks
Y. Lu (2017)
10.1002/sec.573
A new dynamic identity-based authentication protocol for multi-server environment using elliptic curve cryptography
M. Khan (2012)
10.1002/dac.2853
Design of a user anonymous password authentication scheme without smart card
S. Kumari (2016)
10.1007/s10916-012-9897-0
A Privacy Enhanced Authentication Scheme for Telecare Medical Information Systems
Qi Jiang (2012)
10.1109/TDSC.2016.2605087
Two Birds with One Stone: Two-Factor Authentication with Security Beyond Conventional Bound
Ding Wang (2018)
10.1109/IIH-MSP.2014.31
An ID-Based User Authentication Scheme for Cloud Computing
Jen-Ho Yang (2014)
10.1002/sec.1653
An enhanced multi-server authentication protocol using password and smart-card: cryptanalysis and design
Tanmoy Maitra (2016)
10.1016/j.eswa.2013.08.040
An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics
Ming-Chin Chuang (2014)
A Novel Smart Card Based User Authentication and Key Agreement Scheme for HeterogeneousWireless Sensor Networks,”Wireless
Y. Lu (2017)
10.1002/sec.1214
A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity
X. Li (2016)
10.1016/j.jnca.2016.10.001
An untraceable temporal-credential-based two-factor authentication scheme using ECC for wireless sensor networks
Qi Jiang (2016)
10.1016/j.compeleceng.2017.04.012
A lightweight and privacy-preserving mutual authentication scheme for wearable devices assisted by cloud server
F. Wu (2017)
10.1109/JSYST.2016.2585681
On the Challenges in Designing Identity-Based Privacy-Preserving Authentication Schemes for Mobile Devices
Ding Wang (2018)
10.3837/tiis.2015.07.022
Towards Smart Card Based Mutual Authentication Schemes in Cloud Computing
Haoxing Li (2015)
10.1016/j.comnet.2016.01.006
Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks
R. Amin (2016)
10.1007/s12652-017-0516-2
Security analysis and improvement of bio-hashing based three-factor authentication scheme for telecare medical information systems
Qi Jiang (2018)
10.1109/MUE.2011.69
An Advanced ECC Dynamic ID-Based Remote Mutual Authentication Scheme for Cloud Computing
Tien-Ho Chen (2011)
10.1109/JIOT.2017.2723915
Robust Anonymous Mutual Authentication Scheme for n-Times Ubiquitous Mobile Cloud Computing Services
P. Gope (2017)
10.1016/j.future.2016.09.009
Provably secure authenticated key agreement scheme for distributed mobile cloud computing services
Vanga Odelu (2017)
10.1016/j.jcss.2013.07.004
A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture
K. Xue (2014)
10.1016/j.future.2016.10.004
Design of a provably secure biometrics-based multi-cloud-server authentication scheme
S. Kumari (2017)



This paper is referenced by
Semantic Scholar Logo Some data provided by SemanticScholar