MDA: message digest-based authentication for mobile cloud computing

Dey, Saurabh; Sampalli, Srinivas; Ye, Qiang

doi:10.1186/s13677-016-0068-6

Cited by 15 publications

(17 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The authors of ref. [28] recently proposed a message digest authentication scheme (MDA) that strategically incorporates hashing, in addition to traditional user ID and passwords, to achieve mutual authentication. MDA consists of three stages: registration, verification, and update.…”

Section: Password Based Methodsmentioning

confidence: 99%

“…Approaches such as refs. [28,29], use password based authentication, which is the most widely used and accepted, due to its ease of use, its compatibility, scalability, as well as its low cost. To achieve secure, power-efficient and lightweight authentication for MCC mobile devices, dual-factor authentication protocol is introduced, in which two of the above methods are integrated ensuring minimum processing and energy consumption.…”

Section: An Overview Of MCC Authentication Protocolsmentioning

confidence: 99%

See 1 more Smart Citation

D-FAP: Dual-Factor Authentication Protocol for Mobile Cloud Connected Devices

Abuarqoub

2019

JSAN

View full text Add to dashboard Cite

Emerging Mobile Cloud Computing (MCC) technologies offer a new world of promise by leveraging the quality of mobile services. With MCC, resource-constrained mobile devices could capitalize on the computation/storage resources of cloud servers via communication networks. While MCC adoption is growing significantly, several challenges need to be addressed to make MCC-based solutions scale and meet the ever-growing demand for more resource intensive applications. Security is a critical problem hindering the adoption of MCC. One of the most important aspects of MCC security is to establish authenticated communication sessions between mobile devices and cloud servers. The huge amount of data stored on mobile devices poses information security risks and privacy concerns for individuals, enterprises, and governments. The ability to establish authenticated communication sessions between mobile devices and cloud servers can resolve many security concerns. Limited computing and energy resources on mobile devices makes authentication and encryption a challenging task. In this paper, an overview of MCC authentication protocols is presented. Then, a Dual-Factor Authentication Protocol for MCC devices (D-FAP) is proposed. D-FAP aims at increasing authentication security by using multi-factors while offloading computation to the cloud to reduce battery consumption. The security of the protocol is formally verified and informal analysis is performed for various attacks. The results prove that the D-FAP is successful in mitigating various outsider and insider attacks.

show abstract

Section: Password Based Methodsmentioning

confidence: 99%

Section: An Overview Of MCC Authentication Protocolsmentioning

confidence: 99%

D-FAP: Dual-Factor Authentication Protocol for Mobile Cloud Connected Devices

Abuarqoub

2019

JSAN

View full text Add to dashboard Cite

show abstract

“…Also, the proposed scheme satisfies the generic attack like denial of service attack by specifying the active participants of each communication [21]. Man-in-themiddle attack is satisfying by every communication which is carrying the actual sender and the receiver identity [11,15]. It is carrying the server URI and the client URI in every step and also its getting verified by the server using the user's profile.…”

Section: Security Analysis and Verificationmentioning

confidence: 98%

“…Authentication is an essential security service in any system or network communications [8][9][10]. It is classified as user authentication, remote authentication, mutual authentication, message authentication, and implicit authentication [11,12]. The current authentication review shows the different attributes, based on password, hash value, identity, digital signature, hierarchical model, mobile number, group key, and biometric [13].…”

Section: Introductionmentioning

confidence: 99%

New Authentication Scheme to Secure against the Phishing Attack in the Mobile Cloud Computing

Munivel

Kannammal

2019

Security and Communication Networks

View full text Add to dashboard Cite

A phishing attack is one of the severe threats to the smartphone users. As per the recent lookout report, mobile phishing attack is increasing 85% year to year and going to become a significant threat to the smartphone users. This social engineering attack attempts to get the user’s password by disguising as trusted service provider. Most of the smartphone users are using the Internet services outside of the traditional firewall. Cloud-based documents are one of the primary targets of this phishing attack in mobile cloud computing. Also, most smartphone users are using the cloud storage in their device. To secure against this password attack in a mobile cloud environment, we propose a new authentication scheme to provide novel security to the mobile cloud services. This scheme will verify the user and service provider without transmitting the password using the Zero-knowledge proof based authentication protocol. Moreover, the proposed scheme will provide mutual authentication between the communication entities. The effectiveness of proposed scheme would be verified using protocol verification tool called Scyther.

show abstract

“…Although many authentication schemes have been proposed in recent years [4][5][6][7][8][9][10][11][12][13][14], most of them lack mutual authentication between MClient and CServers [15][16]. Moreover, the existing schemes are vulnerable to known attacks such as man-in-the-middle (MITM), playback, impersonation, and asynchronization [17][18][19].…”

Section: Introductionmentioning

confidence: 99%

Dynamic Reciprocal Authentication Protocol for Mobile Cloud Computing

Ahmed

Wendy

Kabir

et al. 2021

IEEE Systems Journal

View full text Add to dashboard Cite

A combination of mobile and cloud computing delivers many advantages such as mobility, resources, and accessibility through seamless data transmission via the Internet anywhere at any time. However, data transmission through vulnerable channels poses security threats such as man-in-themiddle, playback, impersonation, and asynchronization attacks. To address these threats, we define an explicit security model that can precisely measure the practical capabilities of an adversary. A systematic methodology consisting of 16 evaluation criteria is used for comparative evaluation, thereby leading other approaches to be evaluated through a common scale. Finally, we propose a dynamic reciprocal authentication protocol to secure data transmission in mobile cloud computing. In particular, our proposed protocol develops a secure reciprocal authentication method, which is free of Diffie-Hellman limitations, and has immunity against basic or sophisticated known attacks. The protocol utilizes multi-factor authentication of usernames, passwords, and a one-time password. The password is automatically generated and regularly updated for every connection. The proposed protocol is implemented and tested using Java to demonstrate its efficiency in authenticating communications and securing data transmitted in the mobile cloud computing environment. Results of the evaluation process indicate that compared with the existing works, the proposed protocol possesses obvious capabilities in security and in communication and computation costs.

show abstract

MDA: message digest-based authentication for mobile cloud computing

Cited by 15 publications

References 40 publications

D-FAP: Dual-Factor Authentication Protocol for Mobile Cloud Connected Devices

D-FAP: Dual-Factor Authentication Protocol for Mobile Cloud Connected Devices

New Authentication Scheme to Secure against the Phishing Attack in the Mobile Cloud Computing

Dynamic Reciprocal Authentication Protocol for Mobile Cloud Computing

Contact Info

Product

Resources

About