• ISSN 0258-2724
  • CN 51-1277/U
  • EI Compendex
  • Scopus 收录
  • 全国中文核心期刊
  • 中国科技论文统计源期刊
  • 中国科学引文数据库来源期刊

一种高效的移动云服务环境下隐私保护认证协议

熊玲 彭代渊 彭图 梁宏斌

熊玲, 彭代渊, 彭图, 梁宏斌. 一种高效的移动云服务环境下隐私保护认证协议[J]. 西南交通大学学报, 2019, 54(1): 202-210. doi: 10.3969/j.issn.0258-2724.20170596
引用本文: 熊玲, 彭代渊, 彭图, 梁宏斌. 一种高效的移动云服务环境下隐私保护认证协议[J]. 西南交通大学学报, 2019, 54(1): 202-210. doi: 10.3969/j.issn.0258-2724.20170596
XIONG Ling, PENG Daiyuan, PENG Tu, LIANG Hongbin. Efficient Privacy-Preserving Authentication Protocol for Mobile Cloud Computing Services[J]. Journal of Southwest Jiaotong University, 2019, 54(1): 202-210. doi: 10.3969/j.issn.0258-2724.20170596
Citation: XIONG Ling, PENG Daiyuan, PENG Tu, LIANG Hongbin. Efficient Privacy-Preserving Authentication Protocol for Mobile Cloud Computing Services[J]. Journal of Southwest Jiaotong University, 2019, 54(1): 202-210. doi: 10.3969/j.issn.0258-2724.20170596

一种高效的移动云服务环境下隐私保护认证协议

doi: 10.3969/j.issn.0258-2724.20170596
基金项目: 国家自然科学基金资助项目(61571375)
详细信息
    作者简介:

    熊玲(1983—)女,博士研究生,研究方向为密码协议设计与分析、云安全等,E-mail: lingdonghua99@163.com

    通讯作者:

    梁宏斌(1972—),男,副教授,博士,研究方向为移动云计算,信息安全等,E-mail: hbliang@swjtu.edu.cn

  • 中图分类号: TP391

Efficient Privacy-Preserving Authentication Protocol for Mobile Cloud Computing Services

Funds: This work has beensupported by the National Science Foundation of China (Grant No. 61571375)
  • 摘要: 为了解决移动云服务环境的互相认证和隐私保护问题,设计了一种改进的移动云服务环境下隐私保护认证协议.该协议结合基于身份的签密技术和多服务器认证技术,保证用户只需注册一次,就可以访问多个移动云服务提供者,同时认证过程不需要可信第三方参与;该协议在移动终端未使用计算复杂度高的双线性对运算和映射到域上的hash运算,其计算效率显著提高. 通过理论分析和实验结果可知:该协议与目前已有的同类协议相比,在移动端的计算时间为45.242 s,其计算效率约为已有同类协议的2倍;具有用户匿名和不可追踪等安全性质;能够抵抗错误口令登录、更改攻击.

     

  • 图 1  用户注册阶段

    Figure 1.  User registration phase

    图 2  用户认证阶段

    Figure 2.  User authentication phase .

    表  1  安全功能对比结果

    Table  1.   Comparison of security functionality

    安全特征 文献[5] 文献[16] 文献[17] 文献[18] 本方案
    (1)
    (2)
    (3)
    (4)
    (5)
      注:(1)—互相认证;(2)—用户匿名和不可追踪;     (3)—多因子安全;(4)—用户撤销和重注册;     (5)—错误口令登录修改攻击.
    下载: 导出CSV

    表  2  相关操作运行时间

    Table  2.   Running time of related operations ms

    时间 用户 云服务提供者 时间 用户 云服务提供者
    Tmtp 33.582 5.493 Texp 2.249 0.339
    Tbp 32.713 5.427 Tmul 0.008 0.001
    Tsm 13.405 2.165 Th 0.056 0.007
    下载: 导出CSV

    表  3  计算性能对比

    Table  3.   Comparison of computation cost

    方案 移动端 服务器端
    Ref.[5] Tmtp + 4Tsm + Texp + 5Th + 2Tpa ≈ 89.893 2Tbp + 2Tpa + 2Tsm + 2Texp + 4Th ≈ 16.096
    Ref.[16] Tmtp + 3Tsm + 3Texp + 5Th + Tpa ≈ 80.905 2Tbp + Tpa + Tsm + 3Texp + Tmul + 5Th ≈ 14.085
    Ref.[17] Tmtp+Tbp + 4Tsm + 2Texp + 8Th + 2Tpa ≈ 125.023 2Tbp + 3Tpa + 4Tsm + 2Texp + 5Th ≈ 20.446
    Ref.[18] 2Tmtp + 3Tsm + 2Texp + 5Th + Tpa ≈ 112.238 2Tbp + Tpa + Tsm + 3Texp + Tmul + 5Th ≈ 14.085
    本方案 3Tsm + 2Texp + 8Th + Tpa ≈ 45.242 2Tbp + Tpa + Tsm + 2Texp + Tmul + 5Th ≈ 13.746
    下载: 导出CSV
  • 范平志,周维曦. 高移动无线通信抗多普勒效应技术研究进展[J]. 西南交通大学学报,2016,51(3): 405-417 doi: 10.3969/j.issn.0258-2724.2016.03.001

    FAN Pingzhi, ZHOU Weixi. Advances in anti-doppler effect techniques for high mobility wireless communications[J]. Journal of Southwest Jiaotong University, 2016, 51(3): 405-417 doi: 10.3969/j.issn.0258-2724.2016.03.001
    中国互联网信息中心. 第39次中国互联网络发展状况统计报告[EB/OL]. (2017-01-22)[2017-06-20]. http://www.199it.com/archives/560209.html
    李瑞轩,董新华,辜希武,等. 移动云服务的数据安全与隐私保护综[J]. 通信学报,2013,34(12): 158-165 doi: 10.3969/j.issn.1000-436x.2013.12.018

    LI Ruixuan, DONG Xinhua, GU Xiwu, et al. Overview of the data security and privacy-preserving of mobile cloud services[J]. Journal on Communications, 2013, 34(12): 158-165 doi: 10.3969/j.issn.1000-436x.2013.12.018
    DELY P, KASSLER A, CHOW L, et.al. A software-defined networking approach for handover management with real-time video in WLANs[J]. Journal of Modern Transportation, 2013, 21: 58-65 doi: 10.1007/s40534-013-0007-x
    TSAI J L, LO N W. A privacy-aware authentication scheme fordistributed mobile cloud computing services[J]. IEEE Systems Journal, 2015, 9(3): 805-815 doi: 10.1109/JSYST.2014.2322973
    JIANG Q, MA J F, WEI F S. On the security of a privacy-aware authentication scheme for distributed mobile cloud computing services[J]. IEEE Systems Journal, 2016(99): 4-7
    刘辉,李晖,马占欣. 一个安全高效的车载网认证方案[J]. 西南交通大学学报,2011,46(2): 315-320 doi: 10.3969/j.issn.0258-2724.2011.02.023

    LIU Hui, LI Hui, MA Zhanxin. Efficient and secure authentication scheme for vehicular ad hoc networks[J]. Journal of Southwest Jiaotong University, 2011, 46(2): 315-320 doi: 10.3969/j.issn.0258-2724.2011.02.023
    LEE S, ONG I, LIM HT, et al. Two factor authentication for cloud computing[J]. International Journal of KIMICS, 2010, 8(4): 427-432
    CHOUDHURY A J, KUMAR P, SAIN M, et al. A Strong user authentication framework for cloud computing[C]//IEEE Asia -Pacific Services Computing Conference. Jeju Island: IEEE, 2011: 110-115
    CHEN N, JIANG R. Security analysis and improvement of user authentication framework for cloud computing[J]. Journal of Networks, 2014, 9(1): 198-203
    WANG R, CHEN S, WANG X F, Signing me onto your accounts through facebook and google: a traffic-guided security study of commercially deployed single-sign-on Web services[C]//Security and Privacy. San Francisco: IEEE, 2012: 365-379
    Microsoft. Windows live ID[EB/OL]. [2017-03-11]. https://account.live.com/
    OpenID Foundation, OpenID Authentication 2.0 [EB/OL]. (2007-12-05) [2017-03-11]. http://openid.net/specs/openid-authentication-2_0.html
    HUGHES J. Profiles for the OASIS security assertion markup language (SAML) V2.0[EB/OL]. (2005-03-17) [2017-06-20]. http://docs.oasis-open.org/security/saml/v2.0/
    FETT D, KUSTERS R, SCHMITZ G. SPRESSO: a secure privacy-respecting single sign-on system for the Web[C]//The 22nd ACM SIGSAC Conference on Computer and Communications Security. Denver: ACM, 2015: 1358-1369
    HE D, KUMAR N, KHAN M K, et al. Efficient privacy-aware authentication scheme for mobile cloud computing services[J]. IEEE Systems Journal, 2016, 99: 1-11
    IRSHAD A, SHER M, AHMAD H F, et al. An improved multi-server authentication scheme for distributed mobile cloud computing services[J]. Ksll Transactions on Internet and Information Systems, 2016, 10(12): 5529-5552
    ODELU V, DAS A K, KUMARI S, et al. Provably secure authenticated key agreement scheme for distributed mobile cloud computing services[J]. Future Generation Computer Systems, 2017, 68: 74-88 doi: 10.1016/j.future.2016.09.009
    AMIN R, ISLAM S H, BISWAS G P, et al. A more secure and privacy-aware anonymous user authentication scheme for distributed mobile cloud computing environments[J]. Security and Communication Network, 2016, 9(17): 4650-4666 doi: 10.1002/sec.v9.17
    WANG D, HE D, WANG P, et al. Anonymous two-factor authenticationin distributed systems:certain goals are beyond attainment[J]. IEEE Trans. Dependable Secure Comput., 2015, 12(4): 428-442 doi: 10.1109/TDSC.2014.2355850
    WANG D, WANG P. On the usability of two-factor authentication[C]//Proc. 10th Int. Conf. Security Privacy Commun. Beijing: [s.n.], 2014: 141-150
    MA C G, WANG D, ZHAO S D. Security flaws in two improved remote user authentication schemes using smart cards[J]. International Journal of Communication Systems, 2012, 27(10): 2215-2227
    WANG D, WANG P. Two birds with one stone:two-factor authentication with security beyond conventional bound[J]. IEEE Transactions on Dependable and Secure Computing, 2016, 99: 1545-5971
    MISHRA D. On the security flaws in ID-based password authentication schemes for telecare medical information systems[J]. Journal of Medical Systems, 2015, 39: 154-169 doi: 10.1007/s10916-014-0154-6
    ODELU V, DAS A K, GOSWAMI A. A secure biometrics-based multi-server authentication protocol using smart cards[J]. IEEE Transactions on Information Forensics and Security, 2015, 10(9): 1953-1966 doi: 10.1109/TIFS.2015.2439964
    BRICKELL E, LI J. Enhanced privacy ID:a direct anonymousattestation scheme with enhanced revocation capabilities[J]. IEEE Transactions on Dependable and Secure Computing, 2012, 9(3): 345-360 doi: 10.1109/TDSC.2011.63
    POINTCHEVAL D, STERN J. Security arguments for digital signatures andblind signatures[J]. Journal of Cryptology, 2000, 13(3): 361-396 doi: 10.1007/s001450010003
  • 加载中
图(2) / 表(3)
计量
  • 文章访问数:  380
  • HTML全文浏览量:  177
  • PDF下载量:  10
  • 被引次数: 0
出版历程
  • 收稿日期:  2017-08-10
  • 修回日期:  2017-10-03
  • 网络出版日期:  2017-11-13
  • 刊出日期:  2019-02-01

目录

    /

    返回文章
    返回