11 November 2017
A Safe Haven for Data
A novel authentication scheme
In the era of wireless-enabled devices, it is very easy for attackers to illegally intercept and exploit users' private information. Suyel Namasudra and Pinki Roy from NIT, Silchar, Assam are now suggesting a new and improved authentication scheme for providing better security of user data in the cloud computing environment.
They used a smart card-based authentication scheme and a chaotic cryptography-based protocol. The scheme, which uses Chebyshev chaotic maps, addresses many confidentiality and security issues while economising on overall computational cost.
The team’s model system involved three parties: cloud service provider, data owner and user. The cloud service provider generates the system parameters during the first login for authentication and key agreement, and thus has initial control of the central administration. In subsequent logins, however, the user can log in directly without interacting with the cloud service provider. This minimizes the overhead on the cloud service provider and makes login scalable.
The scheme provides strong anonymity. In fact, users are not traceable. Even if the cloud service provider has the username of the data owner, it cannot learn the real identity of partnered peers by analysing the previous session’s keys. For each session, production of keys involves a random number generated by an exclusive disjunction (XOR) operation, which cannot be reproduced. Thus, the anonymity of the users, confidentiality of the process and perfect forward security are strongly maintained.
The scheme provides secure and efficient two-factor security with a mutual authentication mechanism that prevents unauthorised access, thus countering all possible outside (hackers) and inside (malicious users) attacks. The encryption makes it difficult for any adversary to decrypt the ciphertext and deduce the secret values required for authentication, even if they get the secret information stored in the user’s smart card and intercept all the transferred messages or obtain the key.
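The key-agreement idea that Chebyshev-map schemes rest on, as an added example that is not the authors' protocol or code from the paper: the semigroup property T_r(T_s(x)) = T_s(T_r(x)) lets two parties reach the same value from fresh per-session secrets. The modulus `P`, seed `X`, the SHA-256 key derivation and all function names are assumptions for illustration, and the exchange shown is unauthenticated (the smart card and password factors described here are not modelled).

```python
import hashlib
import secrets

P = 2**127 - 1   # demo prime modulus (constructed, not from the paper)
X = 0x1234567    # public seed value (constructed)

def chebyshev(n, x, p=P):
    """Return T_n(x) mod p using a binary ladder over (T_k, T_{k+1})."""
    a, b = 1, x % p                      # T_0 = 1, T_1 = x
    for bit in bin(n)[2:]:
        if bit == "1":                   # k -> 2k+1
            a, b = (2 * a * b - x) % p, (2 * b * b - 1) % p
        else:                            # k -> 2k
            a, b = (2 * a * a - 1) % p, (2 * a * b - x) % p
    return a

def derive_key(shared, p=P):
    """Hash the shared Chebyshev value into a 256-bit session key."""
    size = (p.bit_length() + 7) // 8
    return hashlib.sha256(shared.to_bytes(size, "big")).hexdigest()

def run_session(x=X, p=P):
    """One unauthenticated exchange; returns (user_key, peer_key)."""
    r = secrets.randbelow(p - 2) + 2     # user's fresh per-session secret
    s = secrets.randbelow(p - 2) + 2     # peer's fresh per-session secret
    to_peer = chebyshev(r, x, p)         # sent in the clear
    to_user = chebyshev(s, x, p)         # sent in the clear
    user_key = derive_key(chebyshev(r, to_user, p), p)
    peer_key = derive_key(chebyshev(s, to_peer, p), p)
    return user_key, peer_key

if __name__ == "__main__":
    for i in range(2):
        u, v = run_session()
        print(f"session {i}: keys match={u == v} key={u[:16]}...")
```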
Along with the strong anonymity feature for the protection of the user’s identity and strong mutual authentication providing high security, the proposed scheme also supports freedom of password change by a legitimate user at any time.
The scheme proposed has reasonable computation and communication costs and may be very suitable for multi-server environments compared to other existing related schemes. Thus it can create a safe haven for data, free from the risks of illegal access and usage.
Concurrency and Computation – Practice and Experience, 29 (20) Special Issue, Article Number: e3864