Abstract
Though Mobile Cloud Computing (MCC) and Mobile Edge Computing (MEC) technologies have brought more convenience to mobile services over past few years, but security concerns like mutual authentication, user anonymity, user untraceability, etc., have yet remained unresolved. In recent years, many efforts have been made to design security protocols in the context of MCC and MEC, but most of them are prone to security threats. In this paper, we analyze Jia et al.’s scheme, one of the latest authentication protocols for MEC environment and we show this scheme is vulnerable to user impersonation and ephemeral secret leakage attacks. Further, we demonstrate that the aforementioned attacks can be similarly applied to Li et al.’s scheme, which recently derived from Jia et al.’s protocol. In this paper, we propose a provably secure authenticated key agreement protocol based on Jia et al.’s scheme that not only withstands security weaknesses of it, but also offers low computational and communicational costs compared to the other related schemes. As a formal security proof, we simulate our scheme with widely used AVISPA tool. Moreover, we show the scalability and practicality of our scheme in an MEC environment through NS-3 simulation.
Similar content being viewed by others
References
Bonomi, F., Milito, R., Zhu, J., Addepalli, S. (2012). Fog computing and its role in the internet of things. In Proceedings of the ACM SIGCOMM workshop on mobile cloud computing, Helsinki, Finland.
Mao, Y., You, C., Zhang, J., Huang, K., & Letaief, K. B. (2017). A survey on mobile edge computing: The communication perspective. IEEE Communications Surveys Tutorials, 19(4), 2322–2358.
Abbas, N., Zhang, Y., Taherkordi, A., & Skeie, T. (2018). Mobile edge computing: A survey. IEEE Internet of Things Journal, 5(1), 450–465.
Shirazi, S. N., Gouglidis, A., Farshad, A., & Hutchison, D. (2017). The extended cloud: Review and analysis of mobile edge computing and fog from a security and resilience perspective. IEEE Journal on Selected Areas in Communications, 35(11), 2586–2595.
Chen, C.-M., Huang, Y., Wang, K.-H., Kumari, S., Wu, M.-E. (2020). A secure authenticated and key exchange scheme for fog computing. Enterprise Information Systems, pp. 1–16.
Lin, W., Yu, N., Zhang, X., Yang, H., & Zhao, W. (2017). A survey on internet of things: Architecture, enabling technologies, security and privacy, and applications. IEEE Internet of Things Journal, 4(5), 1125–1142.
Welch, D., Lathrop, S. (2003). Wireless security threat taxonomy, In IEEE systems, man and cybernetics societyinformation assurance workshop, 2003., West Point, NY, USA.
Ahmad, I., Shahabuddin, S., Kumar, T., Okwuibe, J., Gurtov, A., & Ylianttila, M. (2019). Security for 5G and beyond. IEEE Communications Surveys and Tutorials, 21(4), 3682–3722.
Roman, R., Lopez, J., & Mambo, M. (2016). Mobile edge computing, fog et al.: A survey and analysis of security threats and challenges. Future Generation Computer Systems, 78, 680–698.
Boneh, D., Franklin, M. (2001). Identity Based Encryption from the Weil Pairing. In Advances in Cryptology - CRYPTO, volume 2139 of LNCS, pp. 213–229. Springer.
Jakobsson, M., Pointcheval, D. (2001) Mutual Authentication for Low-Power Mobile Devices. In Proceedings of the Financial Cryptography, pp. 178–195.
Jia, X., He, D., Kumar, N., & Choo, K. K. R. (2020). A provably secure and efficient identity-based anonymous authentication scheme for mobile edge computing. IEEE Systems Journal, 14(1), 560–571.
Li, Y., Cheng, Q., Liu, X., & Li, X. (2020). A secure anonymous identity-based scheme in new authentication architecture for mobile edge computing. IEEE Systems Journal, 15(1), 935–946.
AVISPA. SPAN, the Security Protocol ANimator for AVISPA. version 1.6 - Sep. 2017, [online] Available: http://people.irisa.fr/Thomas.Genet/span/. “Automated validation of internet security protocols and applications,” Mar. 2016, [online].
Tsai, J., & Lo, N. (2015). A privacy-aware authentication scheme for distributed mobile cloud computing services. IEEE Systems Journal, 9(3), 805–815.
Jiang, Q., Ma, J., & Wei, F. (2018). On the security of a privacy-aware authentication scheme for distributed mobile cloud computing services. IEEE Systems Journal, 12(2), 2039–2042.
Amin, R., Islam, S. H., Biswas, G. P., Giri, D., Khan, M. K., & Kumar, N. (2016). A more secure and privacy-aware anonymous user authentication scheme for distributed mobile cloud computing environments. Security and Communication Networks, 9(17), 4650–4666.
Jannati, H., & Bahrak, B. (2017). An improved authentication protocol for distributed mobile cloud computing services. International Journal of Critical Infrastructure Protection, 19, 59–67.
Chaudhry, S., Kim, I. L., Rho, S., Farash, M. S., & Shon, T. (2017). An improved anonymous authentication scheme for distributed mobile cloud computing services. Cluster Computing, 22(1), 1595–1609.
Amin, R., Kumar, N., Biswas, G. P., Iqbal, R., & Chang, V. (2018). A light weight authentication protocol for IoT-enabled devices in distributed cloud computing environment. Future Generation Computer Systems, 78, 1005–1019.
Zhou, L., Li, X., Yeh, K.-H., Su, C., & Chiu, W. (2019). Lightweight IoT-based authentication scheme in cloud computing circumstance. Future Generation Computer Systems, 91, 244–251.
Ghaffar, Z., Ahmed, S., Mahmood, K., Islam, S. H., Hassan, M. M., & Fortino, G. (2020). An improved authentication scheme for remote data access and sharing over cloud storage in cyber-physical-social-systems. IEEE Access, 8, 47144–47160.
He, D., Kumar, N., Khan, M. K., Wang, L., & Shen, J. (2018). Efficient privacy-aware authentication scheme for mobile cloud computing services. IEEE Systems Journal, 12(2), 1621–1631.
Xiong, L., Peng, D., Peng, T., & Liang, H. (2017). An enhanced privacy-aware authentication scheme for distributed mobile cloud computing services. KSII Transactions on Internet and Information Systems, 11(12), 6169–6187.
Odelu, V., Das, A. K., Kumari, S., Huang, X., & Wazid, M. (2017). Provably secure authenticated key agreement scheme for distributed mobile cloud computing services. Future Generation Computer Systems, 68, 74–88.
LaMacchia Brian, A., Kristin, L., Mityagin, A. (2007). Stronger security of authenticated key exchange," ProvSec 2007, LNCS. vol. 4784, pp. 1–16.Springer, Heidelberg.
Tseng, Y., Huang, S., Tsai, T., & Ke, J. (2016). List-free ID-based mutual authentication and key agreement protocol for multiserver architectures. IEEE Transactions on Emerging Topics in Computing, 4(1), 102–112.
Irshad, A., Chaudhry, S. A., Alomari, O. A., Yahya, K., & Kumar, N. (2020). A novel pairing-free lightweight authentication protocol for mobile cloud computing framework. IEEE Systems Journal, 15(3), 3664–3672.
Karati, A., Amin, R., Islam, S. H., & Choo, K.-K.R. (2018). Provably secure and lightweight identity-based authenticated data sharing protocol for cyber-physical cloud environment. IEEE Transactions on Cloud Computing, 9(1), 318–330.
Chen, L., Cheng, Z., & Smart, N. (2007). Identity-based key agreement protocols from pairings. International Journal of Information Security, 6, 213–241.
Sakai, R., Kasahara, M. (2003). ID based cryptosystems with pairing on elliptic curve. Cryptol. ePrint Archive Report 2003/054.
Canetti, R., Krawczyk, H. (2001). Analysis of key-exchange protocols and their use for building secure channels. In Lecture notes in computer science advances in Cryptology — EUROCRYPT 2001, pp. 453–474.
Luo, M., Zhang, Y., Khan, M. K., & He, D. (2017). A secure and efficient identity-based mutual authentication scheme with smart card using elliptic curve cryptography. International Journal of Communication Systems, 30(16), e3333.
Dodis, Y., Reyzin, L., Smith, A. (2004). Fuzzy extractors: How to generate strong keys from biometrics and other noisy data,” Advances in Cryptology - EUROCRYPT 2004 Lecture Notes in Computer Science, pp. 523–540.
Xu, D., Chen, J., & Liu, Q. (2019). Provably secure anonymous three-factor authentication scheme for multi-server environments. Journal of Ambient Intelligence and Humanized Computing, 10(2), 611–627.
Odelu, V., Das, A. K., & Goswami, A. (2015). A secure biometrics-based multiserver authentication protocol using smart cards. IEEE Transactions on Information Forensics and Security, 10(9), 1953–1966.
Yoon, E., & Yoo, K. (2013). Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem. The Journal of Supercomputing, 63(1), 235–255.
Dolev, D., & Yao, A. (1983). On the security of public key protocols. IEEE Transactions on Information Theory, 29(2), 198–208.
Automated validation of internet security protocols and applications. (2019). [online] Available: http://www.avispa-project.org/.
Basin, D., Modersheim, S., Vigano, L. (2003). An On-The-Fly Model-Checker for Security Protocol Analysis, In Proceedings of ESORICS’03, volume 2808 of LNCS, pp. 253–270. Springer-Verlag, Berlin.
Turuani, M. (2006). The CL-Atse protocol analyser. In Proceedings of the RTA’06, LNCS.
https://www.nsnam.org, “Ns-3.30,” https://www.nsnam.org/releases/ns-3-30/, (2019).
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Rakeei, M., Moazami, F. An efficient and provably secure authenticated key agreement scheme for mobile edge computing. Wireless Netw 28, 2983–2999 (2022). https://doi.org/10.1007/s11276-022-03005-w
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11276-022-03005-w