On the Security of a Privacy-Aware Authentication Scheme for Distributed Mobile Cloud Computing Services

IEEE Systems Journal

Volumn 12, Issue 2, 2018, Pages 2039-2042

  Jiang, Qi ^a   Ma, Jianfeng ^a   Wei, Fushan ^b,c  

^a XIDIAN UNIVERSITY   (China)

^b NANJING UNIVERSITY OF INFORMATION SCIENCE AND TECHNOLOGY   (China)

^c STATE KEY LABORATORY OF MATHEMATICAL ENGINEERING AND ADVANCED COMPUTING   (China)

Author keywords

Authentication; bilinear pairing; mobile cloud computing; security; user anonymity; user untraceability

Indexed keywords

AUTHENTICATION; CLOUD COMPUTING; SMART CARDS;

AUTHENTICATION SCHEME; FUTURE DESIGNS; IMPERSONATION ATTACK; MOBILE CLOUDS; MUTUAL AUTHENTICATION; SECURITY THREATS; SERVICE PROVIDER; USER REVOCATION;

MOBILE CLOUD COMPUTING;

EID: 84976285479     PISSN: 19328184     EISSN: 19379234     Source Type: Journal    
DOI: 10.1109/JSYST.2016.2574719     Document Type: Article

References (24)

1. H. T. Dinh et al., "A survey of mobile cloud computing: Architecture, applications, and approaches," Wireless Commun. Mobile Comput., vol. 13, no. 18, pp. 1587-1611, 2013.
2. N. Fernando, S. W. Loke, and W. Rahayu, "Mobile cloud computing: A survey," Future Gener. Comput. Sys., vol. 29, no. 1, pp. 84-106, 2013.
3. H. Li, Y. Dai, L. Tian, and H. Yang, "Identity-based authentication for cloud computing," in Proc. Cloud Comput., 2009, pp. 157-166.
4. Q. Jiang, M. K. Khan, X. Lu, J. Ma, and D. He, "A privacy preserving three-factor authentication protocol for e-health clouds," J. Supercomput., 2016. DOI: 10.1007/s11227-015-1610-x.
5. D. He, S. Zeadally, N. Kumar, and J.-H. Lee, "Anonymous authentication for wireless body area networks with provable security," IEEE Syst. J., 2016. DOI: 10.1109/JSYST.2016.2544805.
6. Q. Jiang, J. Ma, X. Lu, and Y. Tian, "An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks," Peer-to-Peer Netw. Appl., vol. 8, no. 6, pp. 1070-1081, 2015
7. Microsoft,Windows Live ID. (2011). [Online]. Available: https://account. live.com/.
8. OpenID Foundation, OpenID Authentication 2.0. (2007). [Online]. Available: http://openid.net/specs/openid-authentication-20.html
9. J. L. Tsai and N. W. Lo, "A privacy-aware authentication scheme for distributed mobile cloud computing services," IEEE Syst. J., vol. 9, no. 3, pp. 805-815, Sep. 2015.
10. D. Boneh and M. Franklin, "Identity-based encryption from theWeilpairing," in Proc. Adv. Cryptol., 2001, vol. 2139, pp. 213-229.
11. K. Lauter, "The advantages of elliptic curve cryptography for wireless security," IEEE Wireless Commun., vol. 11, no. 1, pp. 62-67, Feb. 2004.
12. D. He, S. Zeadally, and L. Wu. "Certificateless public auditing scheme for cloud-assisted wireless body area networks," IEEE Syst. J., 2015, DOI: 10.1109/JSYST.2015.2428620.
13. B. S. Abhilasha, S. Anna, and M. Shimon, "Privacy preserving multifactor authentication with biometrics," J. Comput. Security, vol. 15, no. 5, pp. 529-560, 2007.
14. D. He, N. Kumar, J.-H. Lee, and R. Sherratt, "Enhanced three-factor security protocol for USB consumer storage devices," IEEE Trans. Consum. Electron., vol. 60, no. 1, pp. 30-37, Feb. 2014.
15. D. He and D. Wang, "Robust biometrics-based authentication scheme for multiserver environment," IEEE Syst. J., vol. 9, no. 3, pp. 816-823, Sep. 2015.
16. V. Odelu, A. K. Das, and A. Goswami, "A secure biometrics-based multiserver authentication protocol using smart cards," IEEE Trans. Inf. Forensics Secur., vol. 10, no. 9, pp. 1953-1966, Sep. 2015.
17. X. Huang, Y. Xiang, A. Chonka, J. Zhou, and R. H. Deng, "A generic framework for three-factor authentication: Preserving security and privacy in distributed systems," IEEE Trans. Parallel Distrib. Syst., vol. 22, no. 8, pp. 1390-1397, Aug. 2011.
18. Q. Jiang et al., "Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy," Nonlinear Dyn., vol. 83, no. 4, pp. 2085-2101, 2016.
19. J. Yu, G. Wang, Y. Mu, and W. Gao, "An efficient and improved generic framework for three-factor authentication with provably secure instantiation, " IEEE Trans. Inf. Forensics Security, vol. 9, no. 12, pp. 2302-2313, Dec. 2014.
20. Y. Dodis, L. Reyzin, and A. Smith, "Fuzzy extractors: How to generate strong keys from biometrics and other noisy data," in Proc. Adv. Cryptol., 2004, pp. 523-540.
21. A. Juels and M. Sudan, "A fuzzy vault scheme," in Proc. Int. Symp. Inf. Theory, 2002, p. 408.
22. T. C. Clancy, "Secure smartcard-based fingerprint authentication," in Proc. ACM Workshop Biometrics: Methods Appl., 2003, pp. 45-52.
23. D. Wang, D. He, P. Wang, and C.-H. Chu, "Anonymous two-factor authentication in distributed systems: Certain goals are beyond attainment," IEEE Trans. Dependable Secure Comput., vol. 12, no. 4, pp. 428-442, Jul./Aug. 2015.
24. D. Wang and P. Wang, "On the usability of two-factor authentication," in Proc. 10th Int. Conf. Security Privacy Commun. Netw., Sep. 24-26, 2014, pp. 141-150.