Abstract

AbstractCloud computing, the conjoin of many types of computing, has made a great impact on the life of everyone. People from anywhere can access the different cloud‐based services by using the Internet. A user, who wants to access some cloud‐based service, needs to register himself/herself to an authority (service provider), and after that, he/she can use the service. To access the service, each user needs to authenticate to that particular cloud server. Several user authentication schemes for cloud computing have been presented but mostly have limitations/drawbacks as they are prone to various known attacks, such as privileged insider, user and server impersonation, and strong reply attacks, and they also have lack of functionality features. Moreover, these schemes do not provide efficient password change phase. In order to overcome these drawbacks, we propose a new provably secure biometric‐based user authentication and key agreement scheme for cloud computing. The proposed scheme overcomes the weaknesses of the existing schemes and supports extra functionality features including user anonymity and efficient password and biometric update phase for multi‐server environment. The careful formal security analysis under standard model and informal security analysis and the simulation results for formal security verification using the most acceptable AVISPA tool show that the proposed scheme is secure against various known possible attacks. The analysis of computation and communication overheads of our scheme depicts its efficiency over other related existing schemes, and thus, the proposed scheme is suitable for the cloud computing environment. Copyright © 2016 John Wiley & Sons, Ltd.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.