International Journal of Computer Science and Business Informatics

Abstract- The growth of mobile cloud computing users is rapid and now many mobile users utilize from mobile cloud computing technology. This technology makes mobile users stronger beyond the mobile computing capabilities. The security risks have become a hurdle in the rapid adaptability of the mobile cloud computing technology. Significant efforts have been devoted in research organizations and academia to securing the mobile cloud computing technology. In this paper we proposed a lightweight and efficient authentication protocol for mobile cloud environment. According to significant advantages of ECC (elliptic curve cryptosystem), it has been adopted through this paper. Our proposed protocol has many advantages such as: supporting user anonymity, identity management and also resistance against related attacks such as replay attack, stolen verifier attack, modification attack, server spoofing attack and so on.

References

. Momeni, M. R., 2015. A Survey of Mobile Cloud Computing: Advantages, Challenges and Approaches. International Journal of Computer Science and Business Informatics, special issue: Vol. 15, No. 4, pp. 14-28.

. L. Lamport, Password authentication with insecure communication, Communications of the ACM 24 (11) (1981) 770–772.

. M. Peyravian, N. Zunic, Methods for protecting password transmission, Computers and Security 19 (5) (2000) 466–469.

. C.C. Lee, L.H. Li, M.S. Hwang, A remote user authentication scheme using hash functions, ACM Operating Systems Review 36 (4) (2002) 23–29.

. W.C. Ku, C.M. Chen, H.L. Lee, Weaknesses of Lee–Li–Hwang’s Hash-based password authentication scheme, ACM Operating Systems Review 37 (4) (2003) 19–25.

. E.J. Yoon, E.K. Ruy, K.Y. Roo, A secure user authentication scheme using hash functions, ACM Operating Systems Review 38 (2) (2004) 62–68.

. W.C. Ku, M.H. Chaing, S.T. Chang, Weaknesses of Yoon–Ryu–Yoo’s hash-based password authentication scheme, ACM Operating Systems Review 39 (1) (2005) 85–89.

. J.J. Hwang, T.C. Yeh, Improvement on Peyravian–Zunic’s password authentication schemes, IEICE Transactions on Communications E85-B (4) (2002) 823–825.

. W.C. Ku, C.M. Chen, L. Hui, Cryptanalysis of a variant of Peyravian–Zunic’s password authentication scheme, IEICE Transactions on Communications E86-B (5) (2002) 1682–1684.

. C.L. Lin, T. Hwang, A password authentication scheme with secure password updating, Computers and Security 22 (1) (2003) 68–72.

. M. Peyravian, C. Jeffries, Secure remote user access over insecure networks, Computer Communications 29 (5) (2006) 660–667.

. K.A. Shim, Security flaws of remote user access over insecure networks, Computer communications 30 (1) (2006) 117–121.

. L. Zhu, S. Yu, X. Zhang, Improvement upon mutual password authentication scheme, International seminar on business and information management, 2008, pp. 400–403.

. Momeni, M. R., 2014. A Lightweight Authentication Scheme for Mobile Cloud Computing. International Journal of Computer Science and Business Informatics, Vol. 14, No. 2, pp. 153-160.

. D. Wanga, Chun-guang, Cryptanalysis of a remote user authentication scheme for mobile client–server environment based on ECC, Information Fusion 14 (2013) 498–503.

. Giridhar, P. Kumar, Distributed clock synchronization over wireless networks: algorithms and analysis, in: Proceedings of the 45th IEEE Conference on Decision and Control, IEEE, 2006, pp. 4915–4920.

. D. Mills, Internet time synchronization: the network time protocol, IEEE Transactions on Communications 39 (10) (1991) 1393–1482.

. J. Han, D. Jeong, A practical implementation of IEEE 1588–2008 transparent clock for distributed measurement and control systems, IEEE Transactions on Instrumentation and Measurement 59 (2) (2010) 433–439.

. R. Baldoni, A. Corsaro, L. Querzoni, S. Scipioni, S. Piergiovanni, Coupling-based internal clock synchronization for large-scale dynamic distributed systems, IEEE Transactions on Parallel and Distributed Systems 21 (5) (2010) 607–619.

. SK Hafizul Islam, G.P. Biswas, Design of improved password authentication and update scheme based on elliptic curve cryptography, Mathematical and Computer Modelling 57 (2013) 2703–2717.