Efficient user authentication protocol for distributed multimedia mobile cloud environment

Abstract

The rapid growth of smart-phone users, mobile services and mobile applications, poses the challenges of storage space, processing capability, and battery lifetime at the users smart phones. Mobile cloud computing helps to overcome these challenges. Presently, when a mobile user wants to subscribe to various Multimedia based cloud service providers (MBCSPs), he/she need to register separately for each of MBCSP. Although one can use single sign-on methods, they are unreliable due to the presence of any untrusted server. Hence, we propose a three-factor mobile user authentication protocol for Distributed Multimedia based cloud services. Our proposed method consists of strong authentication between the mobile user and multimedia-based cloud service providers using session key agreement, choice-based MBCSPs registration, initial mobile user identity registration checking, time of validity for secret key issued by Registration center (RC) to mobile user and time of validity for secret key issued by RC to MBCSPs respectively. We have verified our protocol with various attack scenarios using informal analysis, formal proof using BurrowsAbadiNeedham (BAN) logic and formal security analysis using Automated Validation of Internet Security Protocols and Applications tool (AVISPA) respectively. Our proposed protocol provides better performance and foolproof security.