Compromise-resilient anonymous mutual authentication scheme for n by m-times ubiquitous mobile cloud computing services

Abstract

Mobile cloud computing (MCC) combines mobile devices with cloud computing for efficient extension of infrastructures and cloud services to mobile devices using the existing mobile network. However, this usually attracts security and privacy-related attacks on both mobile cloud service providers and mobile users. Aside from this, an effective approach for limiting users to a specific number of services for a specific period on the cloud server is also a major issue in the MCC environment. To securely solve these, we propose a novel compromise-resilient anonymous mutual authentication scheme that allows mobile users to subscribe for n number of services at m-period on the mobile cloud server without compromising their privacy. The security of the proposed scheme is formally verified, and its functionalities and performances are compared with other state-of-the-art schemes. The results show that the scheme has insignificant computational and communication overheads compared to other schemes, and with more functionalities such as mutual authentication, resilience to forgery, insider attacks, masquerade attacks, user anonymity, and selective subscriptions feature for the prepaid subscription.