An enhanced secure authentication scheme with user anonymity in mobile cloud computing

Abstract

With the rapid growth and development in cloud computing and mobility, mobile cloud computing has emerged and becomes the trend of future generation computing paradigm. Cloud offers infrastructure, platform and software services to mobile users through mobile network. The key issues in mobile cloud computing are security and privacy. While analysing security and privacy issues in mobile cloud computing, three aspects should be considered they are: mobile terminal, mobile network and the cloud. To address the key issues in mobile cloud computing, we proposed an authentication scheme which will provide security to the messages exchanged between mobile user and the cloud server. Lee at al. have proposed authentication scheme for roaming service in global mobility networks in 2016. In this paper we have reviewed Lee et al.'s scheme and proved that their scheme is vulnerable to replay attack, man in the middle attack and impersonation attack. Moreover their scheme fails to preserve user anonymity, provides no local password verification and could not achieve perfect forward secrecy. Hence an enhanced secure authentication scheme with user anonymity in mobile cloud computing is proposed. Furthermore, the security analysis of the proposed scheme is also presented in this paper.