Professional Documents
Culture Documents
3, SEPTEMBER 2015
IEEE Transaction on Cloud Computing @ 2016
805
A Privacy-Aware
Authentication
for
Privacy
Authentication
Scheme forScheme
Distributed
Distributed Mobile Cloud
Cloud Computing Services
Jia-Lun Tsai and Nai-Wei Lo
I. I NTRODUCTION
Manuscript received April 24, 2013; revised January 15, 2014; accepted
April 2, 2014. Date of publication May 21, 2015; date of current version
June 18, 2015. This work was supported in part by the Taiwan Information
Security Center and in part by the National Science Council of Taiwan under
Grants MOST 102-2218-E-011-013 and MOST 103-2221-E-011-091-MY2.
The authors are with the Department of Information Management, National
Taiwan University of Science and Technology, Taipei 106, Taiwan (e-mail:
crousekimo@yahoo.com.tw; nwlo@cs.ntust.edu.tw).
Digital Object Identifier 10.1109/JSYST.2014.2322973
1932-8184 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
806
TSAI AND LO: AUTHENTICATION SCHEME FOR DISTRIBUTED MOBILE CLOUD COMPUTING SERVICES
807
808
TABLE I
S YMBOL N OTATION
1
P.
s + H1 (IDi )
(1)
for each user Ui (or service provider SPj ). Next, SCG sends Si
(or Sj ) back to the user Ui (or service provider SPj ) through
a secure channel. If a user Ui obtains his/her privacy key
from SCG, he/she computes Ei = Si h(PWi fi ) and then
(2)
(4)
(5)
si =
1
Si
b + H3 (IDi ZIDj wKij )
(6)
(7)
(9)
TSAI AND LO: AUTHENTICATION SCHEME FOR DISTRIBUTED MOBILE CLOUD COMPUTING SERVICES
Fig. 4.
809
(10)
(11)
(12)
A. Security Model
Let P i {Ui , SPj } be an instance i of a participant P . Any
instance of each entity is seen as an oracle in this security
model, while it is also assumed that the probabilistic polynomial adversary A potentially controls all communications between the mobile user and the service provider. The capacities
of the adversary are defined as follows. Further details of the
security model can be found in [42] and [43].
1) Extract(IDi ): This query allows the adversary A to
obtain the private key corresponding to identity IDi .
2) Send(M, P i ): This query models that an adversary A
can send any message M to the oracle. Upon receiving
the message M , the oracle returns the computation result
to the adversary A.
3) H i (m): When an adversary A sends a message m to the
hash query, the oracle returns r and then stores (m, r) in
a hash list LHi , where r is a random number, and LHi is
initially empty.
4) Reveal(P i ): This query allows an adversary A to learn
a session key Kij from an oracle if the oracle receives a
Reveal query request from adversary A.
5) Corrupt(P i ): This query allows an adversary A to
corrupt the party P i and obtain the private key of the
corrupted party P i .
6) T est(P i ): This query models the semantic security of
the session key. In this query, when the oracle receives the
test query request from an adversary A, the oracle flips a
810
TABLE II
S IMULATION OF H ASH Q UERY
TABLE III
S IMULATION OF S END Q UERY
TABLE IV
S IMULATION OF E XECUTE , R EVEAL , AND T EST Q UERIES
Theorem 1: Let H1 , H2 , H3 , and H4 be four random oracles. If an adversary A can successfully violate the schemes
TSAI AND LO: AUTHENTICATION SCHEME FOR DISTRIBUTED MOBILE CLOUD COMPUTING SERVICES
811
812
PrU2SP .
2
Obviously, Pr[Ask Test(SPj )E U2SP ] = 0, and we have
TSAI AND LO: AUTHENTICATION SCHEME FOR DISTRIBUTED MOBILE CLOUD COMPUTING SERVICES
813
TABLE V
C OMPARISONS W ITH OTHER E XISTING S CHEMES IN T ERMS OF S ECURITY P ROPERTIES
TABLE VI
E FFICIENCY A NALYSIS OF THE P ROPOSED S CHEME
814
Jia-Lun Tsai received the M.S. degree from National Chiao Tung University, Hsinchu, Taiwan, in
2007 and the Ph.D. degree from National Taiwan
University of Science and Technology (NTUST),
Taipei, Taiwan, in 2013.
He is currently with the Department of Information Management, NTUST and Taiwan Information
Security Center at National Taiwan University of
Science and Technology. He has authored or coauthored over 20 papers on journals and conferences.
His research interests include cryptography, wireless
security, and network security.
TSAI AND LO: AUTHENTICATION SCHEME FOR DISTRIBUTED MOBILE CLOUD COMPUTING SERVICES
Nai-Wei Lo received the B.S. degree in engineering science from National Cheng Kung University,
Tainan, Taiwan, in 1988 and the M.S. and Ph.D. degrees in computer science and electrical engineering
from the State University of New York, Stony Brook,
NY, USA, in 1992 and 1998, respectively.
He is currently an Associate Professor in the
Department of Information Management with National Taiwan University of Science and Technology,
Taipei, Taiwan. His research interests include cryptography, radio-frequency identification applications
and security, wireless network routing and security, web technology, and fault
tolerance.
Prof. Lo is a member of the IEEE Communications Society.
815