Abstract
Ensuring the security and privacy of users and data in a mobile-edge computing (MEC) deployment, without affecting performance, latency and user quality of experience remain challenging. For example, in this article, we revisit an identity-based anonymous authentication scheme designed for MEC deployment. Then, we reveal that the scheme is vulnerable to impersonation, replay, and Denial-of-Service (DoS) attacks, contrary to their claims. It also does not achieve user untraceability, and the registration center must be online during authentication. We also observe that it is unclear from their scheme description, what encryption algorithm should be used in the authentication process. Therefore, we redesign the scheme in order to mitigate the weaknesses pointed out. Our redesigned protocol uses password and biometrics for authentication, which broadens the scope for real-world implementation. We also provide both formal security proof and heuristic security analysis to demonstrate that the proposed scheme achieves the desired security goals. A performance comparison shows that our scheme outperforms four other competing schemes in terms of computation and communication costs.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.