A Time-Bound Ticket-Based Mutual Authentication Scheme for Cloud Computing

Authors

  • Zhuo Hao 1. University of Science and Technology of China Department of Electronic Engineering and Information Science Hefei, Anhui 230027, P.R.China, and 2. State University of New York at Buffalo Department of Computer Science and Engineering 201 Bell Hall, Amherst, NY 14260, USA
  • Sheng Zhong State University of New York at Buffalo Department of Computer Science and Engineering 201 Bell Hall, Amherst, NY 14260, USA
  • Nenghai Yu University of Science and Technology of China Department of Electronic Engineering and Information Science Hefei, Anhui 230027, P.R.China

Keywords:

cloud computing, mutual authentication, digital ticket, masquerade attack

Abstract

Cloud computing is becoming popular quickly. In cloud computing, people store their important data in the cloud, which makes it important to ensure the data integrity and availability. Remote data integrity checking enables the client to perform data integrity verification without access to the complete file. This service brings convenience to clients, but degrades the server’s performance severely. Proper schemes must be designed to reduce the performance degradation.
In this paper, a time-bound ticket-based mutual authentication scheme is proposed for solving this problem. The proposed authentication scheme achieves mutual authentication between the server and the client. The use of timebound tickets reduces the server’s processing overhead efficiently. The correspondence relationship between the digital ticket and the client’s smart card prevents user masquerade attack effectively. By security analysis, we show that the proposed scheme is resistant to masquerade attack, replay attack and password guessing attack. By performance analysis, we show that the proposed scheme has good efficiency. The proposed scheme is very suitable for cloud computing.

References

B. Hayes, "Cloud computing," Commun. ACM, vol. 51, no. 7, pp. 9-11, 2008. http://dx.doi.org/10.1145/1364782.1364786

C. Cachin, I. Keidar, and A. Shraer, "Trusting the cloud," SIGACT News, vol. 40, no. 2, pp. 81-86, 2009. http://dx.doi.org/10.1145/1556154.1556173

Amazon.com, "Amazon Web Services (AWS)," http://aws.amazon.com/s3/, 2009.

Microsoft.com, "Microsoft Windows SkyDrive," http://windowslive.com/online/skydrive, 2009.

Nirvanix.com, "Nirvanix cloudNAS," http://www.nirvanix.com/products-services/, 2009.

G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, "Provable data possession at untrusted stores," in CCS '07: Proceedings of the 14th ACM conference on Computer and communications security, (New York, NY, USA), pp. 598-609, ACM, 2007. http://dx.doi.org/10.1145/1315245.1315318

A. Juels and B. S. Kaliski, Jr., "Pors: proofs of retrievability for large files," in CCS '07: Proceedings of the 14th ACM conference on Computer and communications security, (New York, NY, USA), pp. 584-597, ACM, 2007. http://dx.doi.org/10.1145/1315245.1315317

E.-C. Chang and J. Xu, "Remote integrity check with dishonest storage server," in 13th ESORICS, pp. 223-237, Springer Berlin / Heidelberg, 2008. http://dx.doi.org/10.1007/978-3-540-88313-5_15

A. Heitzmann, B. Palazzi, C. Papamanthou, and R. Tamassia, "Efficient integrity checking of untrusted network storage," in StorageSS '08, pp. 43-54, ACM, 2008.

K. D. Bowers, A. Juels, and A. Oprea, "HAIL: a high-availability and integrity layer for cloud storage," in CCS '09, (New York, NY, USA), pp. 187-198, ACM, 2009. http://dx.doi.org/10.1145/1653662.1653686

I.-C. Lin and C.-C. Chang, "A countable and time-bound password-based user authentication scheme for the applications of electronic commerce," Information Sciences, vol. 179, no. 9, pp. 1269 - 1277, 2009. http://dx.doi.org/10.1016/j.ins.2008.12.026

P. C. Kocher, J. Jaffe, and B. Jun, "Differential power analysis," in CRYPTO '99: Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology, (London, UK), pp. 388-397, Springer-Verlag, 1999. http://dx.doi.org/10.1007/3-540-48405-1_25

T. Messerges, E. Dabbish, and R. Sloan, "Examining smart-card security under the threat of power analysis attacks," IEEE Transactions on Computers, vol. 51, no. 5, pp. 541-552, 2002. http://dx.doi.org/10.1109/TC.2002.1004593

H. Krawczyk, M. Bellare, and R. Canetti, "HMAC: Keyed-Hashing for Message Authentication," RFC2104, February 1997.

"Crypto++ 5.6.0 benchmarks," http://www.cryptopp.com/benchmarks.html.

"Secure hash standard," Federal Information Processing Standards Publication 180-2, August 2002.

Published

2011-06-10

Issue

Vol. 6 No. 2 (2011): International Journal of Computers Communications & Control (June)

Section

Articles

License

ONLINE OPEN ACCES: Acces to full text of each article and each issue are allowed for free in respect of Attribution-NonCommercial 4.0 International (CC BY-NC 4.0.

You are free to:

-Share: copy and redistribute the material in any medium or format;

-Adapt: remix, transform, and build upon the material.

The licensor cannot revoke these freedoms as long as you follow the license terms.

 

DISCLAIMER: The author(s) of each article appearing in International Journal of Computers Communications & Control is/are solely responsible for the content thereof; the publication of an article shall not constitute or be deemed to constitute any representation by the Editors or Agora University Press that the data presented therein are original, correct or sufficient to support the conclusions reached or that the experiment design or methodology is adequate.

Most read articles by the same author(s)

Obs.: This plugin requires at least one statistics/report plugin to be enabled. If your statistics plugins provide more than one metric then please also select a main metric on the admin's site settings page and/or on the journal manager's settings pages.