Abstract
Currently, the popularity of the Internet of Things (IoT) has brought about an increase in the amount of data, so multi-server distributed cloud computing has been widely used in various applications that have brought convenience to our daily lives. At the same time, the development of the fifth generation (5G) of mobile communication technology has gradually become the main driving force for the popularization of the IoT. Because the 5G network is a heterogeneous network with multiple servers and small cells, the mutual authentication protocol under multiple servers is also applicable to the 5G network environment. However, much of the data will have serious storage and security issues during transmission. Aiming at the security issues in a multi-server (M-S) architecture, in 2018, Wu et al. proposed an authentication protocol in a distributed cloud environment. They claimed that their protocol is secure and resistant to various known types of attacks. However, we found that their protocol does not guarantee perfect forward secrecy (PFS) and suffers from privileged insider (PI) attacks. Such attacks will cause data to be out of sync. Therefore, we improved Wu et al. ’s protocol and proposed an improvement in the 5G network environment. Finally, we performed a security analysis on the proposed protocol, including the automatic encryption protocol tool ProVerif, BAN logic, and informal security analysis, which proved that our protocol is secure. Compared with similar existing schemes, we have proved the efficiency of the scheme and achieved higher security standards.
Highlights
Today, the development of fifth generation (5G) technology has increasingly attracted researchers’ interest
Some scholars proposed the use of a multi-server architecture in a 5G network environment [17], [18]
perfect forward secrecy (PFS) is a feature of key agreement protocol, and the feature is becoming increasingly important in the protocol
Summary
The development of fifth generation (5G) technology has increasingly attracted researchers’ interest. The last one is the control server, which stores registration information for users and cloud servers to help both authenticate and generate session keys. Their protocol consists of user and server registration, authentication, and password change phases It requires the use of secure channels in the registration phases and public channels in the second and third phases. 2) AUTHENTICATION When user Ui wants to access the service of some cloud server Sj, CS can help to establish a session key for communication. The malicious user sends the above-computed message along with M1 to the CS After the malicious user and the CS complete the authentication, the related information stored in the CS and the S may be inconsistent, and the legitimate server cannot communicate normally.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.