Enabling secure mutual authentication and storage checking in cloud-assisted IoT

Dengzhi Liu; Zhimin Li; Chen Wang; Yongjun Ren; Dengzhi Liu; Zhimin Li; Chen Wang; Yongjun Ren

doi:10.3934/mbe.2022514

Mathematical Biosciences and Engineering

2022, Volume 19, Issue 11: 11034-11046. doi: 10.3934/mbe.2022514

Previous Article Next Article

Research article

Enabling secure mutual authentication and storage checking in cloud-assisted IoT

1.
School of Computer Engineering, Jiangsu Ocean University, Lianyungang 222005, China
2.
Jiangsu Institute of Marine Resources Development, Lianyungang 222005, China
3.
School of Computer Science, Nanjing University of Information Science and Technology, Nanjing 210044, China

Received: 27 June 2021 Revised: 10 August 2021 Accepted: 27 May 2022 Published: 02 August 2022

Internet of things (IoT) is a technology that can collect the data sensed by the devices for the further real-time services. Using the technique of cloud computing to assist IoT devices in data storing can eliminate the disadvantage of the constrained local storage and computing capability. However, the complex network environment makes cloud servers vulnerable to attacks, and adversaries pretend to be legal IoT clients trying to access the cloud server. Hence, it is necessary to provide a mechanism of mutual authentication for the cloud system to enhance the storage security. In this paper, a secure mutual authentication is proposed for cloud-assisted IoT. Note that the technique of chameleon hash signature is used to construct the authentication. Moreover, the proposed scheme can provide storage checking with the assist of a fully-trusted entity, which highly improves the checking fairness and efficiency. Security analysis proves that the proposed scheme in this paper is correct. Performance analysis demonstrates that the proposed scheme can be performed with high efficiency.
- Internet of things,
- cloud computing,
- mutual authentication,
- storage checking
Citation: Dengzhi Liu, Zhimin Li, Chen Wang, Yongjun Ren. Enabling secure mutual authentication and storage checking in cloud-assisted IoT[J]. Mathematical Biosciences and Engineering, 2022, 19(11): 11034-11046. doi: 10.3934/mbe.2022514

Related Papers:

Abstract

Internet of things (IoT) is a technology that can collect the data sensed by the devices for the further real-time services. Using the technique of cloud computing to assist IoT devices in data storing can eliminate the disadvantage of the constrained local storage and computing capability. However, the complex network environment makes cloud servers vulnerable to attacks, and adversaries pretend to be legal IoT clients trying to access the cloud server. Hence, it is necessary to provide a mechanism of mutual authentication for the cloud system to enhance the storage security. In this paper, a secure mutual authentication is proposed for cloud-assisted IoT. Note that the technique of chameleon hash signature is used to construct the authentication. Moreover, the proposed scheme can provide storage checking with the assist of a fully-trusted entity, which highly improves the checking fairness and efficiency. Security analysis proves that the proposed scheme in this paper is correct. Performance analysis demonstrates that the proposed scheme can be performed with high efficiency.

References

[1]	S. Lins, P. Grochol, S. Schneider, A. Sunyaev, Dynamic certification of cloud services: Trust, but verify!, IEEE Secur. Priv., 14 (2016), 66–71. https://doi.org/10.1109/MSP.2016.26 doi: 10.1109/MSP.2016.26
[2]	T. Menouer, N. Sukhija, P. Darmon, Towards a parallel constraint solver for cloud computing environments, in Int. Conference Big Data Comput. Serv. Appl., (2019), 195–198. https://doi.org/10.1109/BigDataService.2019.00033
[3]	L. Zhang, Z. Zou, W. Wang, Z. Jin, Y. Su, H. Chen, Resource allocation and trust computing for blockchain-enabled edge computing system, Comput. Secur., 105 (2021), 102249. https://doi.org/10.1016/j.cose.2021.102249 doi: 10.1016/j.cose.2021.102249
[4]	M. Hossain, R. Khan, S. A. Noor, R. Hasan, Jugo: A generic architecture for composite cloud as a service, in 2016 IEEE Int. Conf. Cloud Comput., (2016), 806–809. https://doi.org/10.1109/CLOUD2016.0112
[5]	D. Liu, J. Shen, A. Wang, C. Wang, Secure real-time image protection scheme with near-duplicate detection in cloud computing, J. Real-Time Image Process., 17 (2020), 175–184. https://doi.org/10.1007/s11554-019-00887-6 doi: 10.1007/s11554-019-00887-6
[6]	Y. Ren, L. Yan, Y. Cheng, W. Jin, Secure data storage based on blockchain and coding in edge computing, Math. Biosci. Eng., 16 (2019), 1874–1892. https://doi.org/10.3934/mbe.2019091 doi: 10.3934/mbe.2019091
[7]	D. Liu, Y. Zhang, D. Jia, Q. Zhang, X. Zhao, H. Rong, Toward secure distributed data storage with error locating in blockchain enabled edge computing, Comput. Stand. Interfaces, 79 (2022), 103560. https://doi.org/10.1016/j.csi.2021.103560 doi: 10.1016/j.csi.2021.103560
[8]	L. Zhang, Z. Zhang, W. Wang, Z. Jin, Y. Su, H. Chen, Research on a covert communication model realized by using smart contracts in blockchain environment, IEEE Syst. J., (2021). https://doi.org/10.1109/JSYST.2021.3057333 doi: 10.1109/JSYST.2021.3057333
[9]	W. Wang, H. Huang, L. Zhang, C. Su, Secure and efficient mutual authentication protocol for smart grid under blockchain, Peer Peer Netw. Appl., 14 (2020), 2681–2693. https://doi.org/10.1007/s12083-020-01020-2 doi: 10.1007/s12083-020-01020-2
[10]	D. Liu, Y. Zhang, W. Wang, K. Dev, S. A. Khowaja, Flexible data integrity checking with original data recovery in IoT-enabled maritime transportation systems, in IEEE Trans. Intell. Transp. Syst., (2021). https://doi.org/10.1109/TITS.2021.3125070
[11]	Y. Li, L. Du, G. Zhao, J. Guo, A lightweight identity-based authentication protocol, in IEEE Int. Conf. Signal Process., (2013), 1–4. https://doi.org/10.1109/ICSPCC.2013.6664134
[12]	Y. Tian, G. Chen, J. Li, A new ultralightweight rfid authentication protocol with permutation, IEEE Commun. Lett., 16 (2012), 702–705. https://doi.org/10.1109/LCOMM.2012.031212.120237 doi: 10.1109/LCOMM.2012.031212.120237
[13]	X. Li, Y. Han, J. Gao, J. Niu, Secure hierarchical authentication protocol in VANET, IET Inf. Secur., 14 (2020), 99–110. https://doi.org/10.1049/iet-ifs.2019.0249 doi: 10.1049/iet-ifs.2019.0249
[14]	S. P. Shieh, W. Yang, H. Sun, An authentication protocol without trusted third party, IEEE Commun. Lett., 1 (1997), 87–89.
[15]	G. Ateniese, M. Steiner, G. Tsudik, New multiparty authentication services and key agreement protocols, IEEE J. Sel. Areas Commun., 18 (2000), 628–639. https://doi.org/10.1109/49.839937 doi: 10.1109/49.839937
[16]	H. Li, Y. Dai, T. Ling, H. Yang, Identity-based authentication for cloud computing, in IEEE Int. Conf. Cloud Comput., (2009), 157–166. https://doi.org/10.1007/978-3-642-10665-1_14
[17]	A. J. Choudhury, P. Kumar, M. Sain, H. Lim, H. J. Lee, A strong user authentication framework for cloud computing, Proc. IEEE Asia-Pacific Serv. Comput. Conf., (2011), 110–115. https://doi.org/10.1109/APSCC.2011.14 doi: 10.1109/APSCC.2011.14
[18]	H. Liu, H. Ning, Q. Xiong, L. Yang, Shared authority based privacy-preserving authentication protocol in cloud computing, IEEE Trans. Parallel Distrib. Syst., 26 (2014), 241–251. https://doi.org/10.1109/TPDS.2014.2308218 doi: 10.1109/TPDS.2014.2308218
[19]	S. C. Patel, R. S. Singh, S. Jaiswal, Secure and privacy enhanced authentication framework for cloud computing, Int. Conf. Electron. Commun. Syst., (2015), 1631–1634. https://doi.org/10.1109/ECS.2015.7124863 doi: 10.1109/ECS.2015.7124863
[20]	D. Liu, J. Shen, A. Wang, C. Wang, Lightweight and practical node clustering authentication protocol for hierarchical wireless sensor networks, Int. J. Sensor Networks, 27 (2018), 95–102. https://doi.org/10.1504/IJSNET.2018.092638 doi: 10.1504/IJSNET.2018.092638
[21]	S. Ruj, M. Stojmenovic, A. Nayak, Decentralized Access Control with Anonymous Authentication of Data Stored in Clouds, IEEE Trans. Parallel Distrib. Syst., 25 (2014), 384–394. https://doi.org/10.1109/TPDS.2013.38 doi: 10.1109/TPDS.2013.38
[22]	S. Chandrasekhar, M. Singhal, Efficient and scalable query authentication for cloud-based storage systems with multiple data sources, IEEE Trans. Serv. Comput., 10 (2017), 520–533. https://doi.org/10.1109/TSC.2015.2500568 doi: 10.1109/TSC.2015.2500568
[23]	J. L. Tsai, N. W. Lo, A privacy-aware authentication scheme for distributed mobile cloud computing services, IEEE Syst. J., 9 (2017), 805–815. https://doi.org/10.1109/JSYST.2014.2322973 doi: 10.1109/JSYST.2014.2322973
[24]	X. Liu, Y. Xia, S. Jiang, F. Xia, Y. Wang, Hierarchical attribute-based access control with authentication for outsourced data in cloud computing, J. Phys. Condens. Matter, (2013), 477–484. https://doi.org/10.1109/TrustCom.2013.60 doi: 10.1109/TrustCom.2013.60
[25]	R. Amin, N. Kumar, G. P. Biswas, R. Iqbal, V. Chang, A light weight authentication protocol for iot-enabled devices in distributed cloud computing environment, Future Gener. Comput. Syst., 78 (2016), 1005–1019. https://doi.org/10.1016/j.future.2016.12.028 doi: 10.1016/j.future.2016.12.028
[26]	D. Boneh, Identity-based encryption from the weil pairing, In Annual international cryptology conference, Springer, Berlin, Heidelberg, 2001,213–229. https://doi.org/10.1007/3-540-44647-8_13
[27]	H. Krawczyk, T. Rabin, Chameleon signatures, in Proceedings of the Network and Distributed System Security Symposium, NDSS 2000, San Diego, California, USA, (2000), 143–154.
[28]	T. Khan, K. Singh, M. H. Hasan, K. Ahmad, G. T. Reddy, S. Mohan, et al., ETERS: A comprehensive energy aware trust-based efficient routing scheme for adversarial WSNs, Future Gener. Comput. Syst., 125 (2021), 921–943. https://doi.org/10.1016/j.future.2021.06.049 doi: 10.1016/j.future.2021.06.049
[29]	W. Wang, H. Xu, M. Alazab, T. R. Gadekallu, Z. Han, C. Su, Blockchain-based reliable and efficient certificateless signature for IIoT devices, IEEE Trans. Industr. Inform., (2021), 1–9. https://doi.org/10.1109/TII.2021.3084753 doi: 10.1109/TII.2021.3084753
[30]	S. Guo, D. Zeng, Y. Xiang, Chameleon hashing for secure and privacy-preserving vehicular communications, IEEE Trans. Parallel Distrib. Syst., 25 (2014), 2794–2803. https://doi.org/10.1109/TPDS.2013.277 doi: 10.1109/TPDS.2013.277
[31]	D. Liu, J. Shen, P. Vijayakumar, A. Wang, T. Zhou, Efficient data integrity auditing with corrupted data recovery for edge computing in enterprise multimedia security, Multimed. Tools. Appl., 79 (2020), 10851–10870. https://doi.org/10.1007/s11042-019-08558-1 doi: 10.1007/s11042-019-08558-1
[32]	J. Zhang, X. Zhao, Efficient chameleon hashing-based privacy-preserving auditing in cloud storage, Cluster Comput., 19 (2016), 47–56. https://doi.org/10.1007/s10586-015-0514-0 doi: 10.1007/s10586-015-0514-0

Reader Comments

your name:*

Email:*
© 2022 the Author(s), licensee AIMS Press. This is an open access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0)