Blockchain based Privacy Preserving User Authentication Protocol for Distributed Mobile Cloud Environment

Abstract

The development in cloud computing platforms has resulted, hosting many day-to-day service applications in the cloud. To avail the services provided by different cloud service providers (CSPs), the mobile user has to register his/her identity with the CSPs. The mobile user (MU) has to remember multiple identities and credentials to access various CSPs. Many single sign-on schemes have been proposed in the literature to eliminate multiple registrations by mobile users to access CSPs. Most of these schemes rely on a trusted third party known as Registration Authority Center (RAC), which is a centralized entity to manage the identity information of all the mobile users registered with it. The centralized RAC has two operational problems, i.e., RAC has full control over the data it possesses, resulting in the possibility of the data breach and increased risk of single-point-of-failure. In this paper, we propose a blockchain based privacy preserving user authentication protocol for distributed mobile cloud environment, which solves these two traditional problems with centralized registration centers. In proposed protocol, the registration of MU and CSP are performed through public blockchain network for MU to access CSPs and the authentication was performed between MU and CSP through public blockchain. The public blockchain network stores MU and CSPs identity information. Public blockchain network provides integrity to the data stored in it and secures the system from single-point-of-failure. In addition, security analysis and performance analysis were also performed for proposed protocol and it showed that the proposed protocol is secure from all-known attacks with better performance efficiency.