Abstract
The rapid growth of smart-phone users, mobile services and mobile applications, poses the challenges of storage space, processing capability, and battery lifetime at the users smart phones. Mobile cloud computing helps to overcome these challenges. Presently, when a mobile user wants to subscribe to various Multimedia based cloud service providers (MBCSPs), he/she need to register separately for each of MBCSP. Although one can use single sign-on methods, they are unreliable due to the presence of any untrusted server. Hence, we propose a three-factor mobile user authentication protocol for Distributed Multimedia based cloud services. Our proposed method consists of strong authentication between the mobile user and multimedia-based cloud service providers using session key agreement, choice-based MBCSPs registration, initial mobile user identity registration checking, time of validity for secret key issued by Registration center (RC) to mobile user and time of validity for secret key issued by RC to MBCSPs respectively. We have verified our protocol with various attack scenarios using informal analysis, formal proof using BurrowsAbadiNeedham (BAN) logic and formal security analysis using Automated Validation of Internet Security Protocols and Applications tool (AVISPA) respectively. Our proposed protocol provides better performance and foolproof security.
Similar content being viewed by others
References
Amin R, Biswas G (2015) Design and analysis of bilinear pairing based mutual authentication and key agreement protocol usable in multi-server environment. Wirel Personal Commun 84(1):439–462
Amin R, Islam SH, Biswas G, Giri D, Khan MK, Kumar N (2016) A more secure and privacy-aware anonymous user authentication scheme for distributed mobile cloud computing environments. Secur Commun Netw 9(17):4650–4666
Armando A, Basin D, Cuellar J, Rusinowitch M, Viganò L (2006) Avispa: automated validation of internet security protocols and applications. ERCIM News 64:66–67
Boneh D, Franklin M (2001) Identity-based encryption from the weil pairing. In: Kilian J (ed) Annual international cryptology conference, Springer, Berlin, Heidelberg, pp 213–229
Burrows M, Abadi M, Needham R (1990) A logic of authentication. ACM Trans Comput Syst 8(1):18–36
Chaudhry SA (2016) A secure biometric based multi-server authentication scheme for social multimedia networks. Multimed Tools Appl 75(20):12705–12725
Chaudhry SA, Kim IL, Rho S, Farash MS, Shon T (2017) An improved anonymous authentication scheme for distributed mobile cloud computing services. Cluster Computing 22(1):1595–1609
Chuang MC, Chen MC (2014) An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics. Expert Syst Appl 41(4):1411–1418
Peck DD (1997) Multimedia; A Hands-on introduction. International Thomson Publishing, pp 3–4
Dodis Y, Reyzin L, Smith A (2004) Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In: International conference on the theory and applications of cryptographic techniques, Springer, pp 523–540
Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208
Eisenbarth T, Kasper T, Moradi A, Paar C, Salmasizadeh M, Shalmani MTM (2008) On the power of power analysis in the real world: a complete break of the keeloq code hopping scheme. In: Annual international cryptology conference, Springer, pp 203–220
Fujisaki E, Okamoto T (1999) Secure integration of asymmetric and symmetric encryption schemes. In: Annual international cryptology conference, Springer, pp 537–554
He D, Wang D (2014) Robust biometrics-based authentication scheme for multiserver environment. IEEE Syst J 9(3):816–823
He D, Wu S (2013) Security flaws in a smart card based authentication scheme for multi-server environment. Wirel Personal Commun 70(1):323–329
He D, Kumar N, Khan MK, Wang L, Shen J (2016) Efficient privacy-aware authentication scheme for mobile cloud computing services. IEEE Syst J 12(2):1621–1631
Hsiang HC, Shih WK (2009) Improvement of the secure dynamic id based remote user authentication scheme for multi-server environment. Comput Stand Interfaces 31(6):1118–1123
Hsieh WB, Leu JS (2014) An anonymous mobile user authentication protocol using self-certified public keys based on multi-server architectures. J Supercomput 70(1):133–148
Jegadeesan S, Azees M, Kumar PM, Manogaran G, Chilamkurti N, Varatharajan R, Hsu CH (2019) An efficient anonymous mutual authentication technique for providing secure communication in mobile cloud computing for smart city applications. Sustain Cities Soc 49:101522
Jiang Q, Ma J, Wei F (2016) On the security of a privacy-aware authentication scheme for distributed mobile cloud computing services. IEEE Syst J 12(2):2039–2042
Kumar C, Dudyala AK (2015) Bank note authentication using decision tree rules and machine learning techniques. In: 2015 International conference on advances in computer engineering and applications, IEEE, pp 310–314
Lee CC, Lin TH, Chang RX (2011) A secure dynamic id based remote user authentication scheme for multi-server environment using smart cards. Expert Syst Appl 38(11):13863–13870
Li CT, Hwang MS (2010) An efficient biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 33(1):1–5
Li X, Niu JW, Ma J, Wang WD, Liu CL (2011) Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 34(1):73–79
Li X, Xiong Y, Ma J, Wang W (2012) An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards. J Netw Comput Appl 35(2):763–769
Li X, Ma J, Wang W, Xiong Y, Zhang J (2013) A novel smart card and dynamic id based remote user authentication scheme for multi-server environments. Mathe Comput Model 58(1–2):85–95
Li X, Niu J, Kumari S, Liao J, Liang W (2015) An enhancement of a smart card authentication scheme for multi-server architecture. Wirel Personal Commun 80(1):175–192
Liao YP, Wang SS (2009) A secure dynamic id based remote user authentication scheme for multi-server environment. Comput Stand Interfaces 31(1):24–29
Lu Y, Li L, Peng H, Yang Y (2015a) A biometrics and smart cards-based authentication scheme for multi-server environments. Security Commun Netw 8(17):3219–3228
Lu Y, Li L, Yang X, Yang Y (2015b) Robust biometrics based authentication and key agreement scheme for multi-server environments using smart cards. PLoS One 10(5):e0126323
Ma Z, Liu Y, Wang Z, Ge H, Zhao M (2018) A machine learning-based scheme for the security analysis of authentication and key agreement protocols. Neural Comput Appl. https://doi.org/10.1007/s00521-018-3929-8
Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552
Mishra D, Das AK, Mukhopadhyay S (2014) A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Syst Appl 41(18):8129–8143
Naor M, Yung M (1989) Universal one-way hash functions and their cryptographic applications. In: Proceedings of the twenty-first annual ACM symposium on theory of computing, ACM, pp 33–43
Nawrocki P, Sniezynski B (2018) Adaptive service management in mobile cloud computing by means of supervised and reinforcement learning. J Netw Syst Manag 26(1):1–22
Odelu V, Das AK, Goswami A (2015) A secure biometrics-based multi-server authentication protocol using smart cards. IEEE Trans Inform Forensics Secur 10(9):1953–1966
Pippal RS, Jaidhar C, Tapaswi S (2013) Robust smart card authentication scheme for multi-server architecture. Wirel Personal Commun 72(1):729–745
Reddy AG, Yoon EJ, Das AK, Odelu V, Yoo KY (2017) Design of mutually authenticated key agreement protocol resistant to impersonation attacks for multi-server environment. IEEE Access 5:3622–3639
Roy S, Chatterjee S, Das AK, Chattopadhyay S, Kumar N, Vasilakos AV (2017) On the design of provably secure lightweight remote user authentication scheme for mobile cloud computing services. IEEE Access 5:25808–25825
Sood SK, Sarje AK, Singh K (2011) A secure dynamic identity based authentication protocol for multi-server architecture. J Netw Comput Appl 34(2):609–618
Tsai JL, Lo NW (2015) A privacy-aware authentication scheme for distributed mobile cloud computing services. IEEE Syst J 9(3):805–815
Wang B, Ma M (2013) A smart card based efficient and secured multi-server authentication scheme. Wirel Personal Commun 68(2):361–378
Wang C, Zhang X, Zheng Z (2016) Cryptanalysis and improvement of a biometric-based multi-server authentication and key agreement scheme. Plos One 11(2):e0149173
Xu D, Chen J, Liu Q (2019) Provably secure anonymous three-factor authentication scheme for multi-server environments. J Am Int Human Comput 10(2):611–627
Xue K, Hong P, Ma C (2014) A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture. J Comput Syst Sci 80(1):195–206
Yeh KH, Lo NW, Li Y (2011) Cryptanalysis of hsiang-shih’s authentication scheme for multi-server architecture. Int J Commun Syst 24(7):829–836
Zhou B, Buyya R (2018) Augmentation techniques for mobile cloud computing: a taxonomy, survey, and future directions. ACM Comput Surv (CSUR) 51(1):13
Zhu W, Luo C, Wang J, Li S (2011) Multimedia cloud computing. IEEE Signal Process Mag 28(3):59–69
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Vivekanandan, M., Sastry, V.N. & Srinivasulu Reddy, U. Efficient user authentication protocol for distributed multimedia mobile cloud environment. J Ambient Intell Human Comput 11, 1933–1956 (2020). https://doi.org/10.1007/s12652-019-01467-z
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12652-019-01467-z