Abstract
Multiple servers collaboration technology is the foundation to realize cloud computing deployed in the distributed environments. Service providers could supply massive data and service to authorized users on the cloud infrastructure, instead of maintaining them in the local servers. It is essential for cloud platforms to develop a uniform authentication system, which manages users’ access control and authorization. Recently, Irshad et al. presented a chaotic map-based authentication protocol for the multiple servers architecture, which is recognized susceptible to session key recovery attack and identity theft attack. There is an inherent vulnerability in the session key negotiation based on Chebyshev chaotic map-based public key system and the attacker could retrieve cleartext from a given ciphertext. It is the most crippling issue to result the aforementioned susceptibilities. In this paper, we illustrate the faults in Irshad et al.’s proposal and devise a solution with a tripartite authentication strategy, in which we replace the constant $T_{p}(x)$ with a disparate value for each users. Both the formal security analysis validated by BAN-logic focused on the tripartite authentication protocol and the heuristic analysis demonstrate the security reliability of the proposed protocol. Compare to the previous related solutions with the tripartite authentication strategy, our proposal possesses a superior security property and the better scalability with considerable efficiency.
Highlights
Cloud computing integrates virtualization, large scale storage systems, distributed computing networks and furnishes a service-oriented solution for consumers and enterprises [1]
We prove that the enhancement is robust by a formal security analysis validated by BAN-logic focused on the tripartite authentication protocol [22] and the heuristic analysis, respectively
PRELIMINARIES we briefly review the knowledge of the session key negotiation based Chebyshev chaotic map-based cryptosystem [23] and its inherent security flaw [24]
Summary
Large scale storage systems, distributed computing networks and furnishes a service-oriented solution for consumers and enterprises [1]. An authentication mechanism for the multiple servers architecture could execute a unified access control management [4], [5] It solves the tautological registration problem properly and users could acquire network resources from service providers of the cloud platform with a single registration. In 2017, Irshad et al [19] presented a chaotic map based authenticated key agreement scheme in the multiple servers architecture. The constant value Tp(x) in the public parameters is superseded by a session variable Tp(yi), where yi is concealed and unaware by exceptions of participators involved in the interaction protocol In this way, we properly thwart the security vulnerabilities in Irshad et al’s proposal caused by the inherent issue of the session key negotiation based on Chebyshev chaotic map-based cryptosystem.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
