Volume 33 Issue 1
Jan.  2024
Turn off MathJax
Article Contents
Brou Bernard Ehui, Chen CHEN, Shirui WANG, et al., “A Secure Mutual Authentication Protocol Based on Visual Cryptography Technique for IoT-Cloud,” Chinese Journal of Electronics, vol. 33, no. 1, pp. 43–57, 2024 doi: 10.23919/cje.2022.00.339
Citation: Brou Bernard Ehui, Chen CHEN, Shirui WANG, et al., “A Secure Mutual Authentication Protocol Based on Visual Cryptography Technique for IoT-Cloud,” Chinese Journal of Electronics, vol. 33, no. 1, pp. 43–57, 2024 doi: 10.23919/cje.2022.00.339

A Secure Mutual Authentication Protocol Based on Visual Cryptography Technique for IoT-Cloud

doi: 10.23919/cje.2022.00.339
More Information
  • Author Bio:

    Brou Bernard Ehui received the M.S. degree in science degree in computer science and technology from Beijing Technology and Business University, Beijing, China, in 2018. He is currently working towards the Ph.D. degree in cyber security at Beihang University, Beijing, China. His research interests include the Internet of things, mutual authentication, wireless networks and cryptography. (Email: brou.ehui@yahoo.com)

    Chen CHEN received the B.E. degree in computer science and technology from Beihang University, Beijing, China, in 2017. He currently is studying for the Ph.D. degree in Beihang University. His research direction focuses on security protocols and cryptography. (Email: chen4chen@buaa.edu.cn)

    Shirui WANG received the B.S. degree at Beihang University in 2022. She is currently pursuing the M.S. degree in electronic information at the Sino-French Engineering School of Beihang University, China. The research interests include biometric encryption and security protocol. (Email: valleyxht@126.com)

    Hua GUO received the Ph.D. degree from Beihang University, China, in 2011. She is currently an Associate Professor in School of Cyber Science and Technology, Beihang University, China. Her research interest includes cryptography and security protocol. (Email: hguo@buaa.edu.cn)

    Jianwei LIU received the B.S. and M.S. degrees in electronics and information from Shandong University, Shandong, China in 1985 and 1988, respectively. He received the Ph.D. degree in communication and electronic systems from Xidian University Shaanxi, China in 1998. He is now a Professor of electronic and information engineering at Beihang University, Beijing, China. His current research interests include wireless communication networks, cryptography, and information & network security. (Email: liujianwei@buaa.edu.cn)

  • Corresponding author: Email: hguo@buaa.edu.cn
  • Received Date: 2022-10-04
  • Accepted Date: 2023-04-04
  • Available Online: 2023-07-01
  • Publish Date: 2024-01-05
  • Because of the increasing number of threats in the IoT cloud, an advanced security mechanism is needed to guard data against hacking or attacks. A user authentication mechanism is also required to authenticate the user accessing the cloud services. The conventional cryptographic algorithms used to provide security mechanisms in cloud networks are often vulnerable to various cyber-attacks and inefficient against new attacks. Therefore, developing new solutions based on different mechanisms from traditional cryptography methods is required to protect data and users’ privacy from attacks. Different from the conventional cryptography method, we suggest a secure mutual authentication protocol based on the visual cryptography technique in this paper. We use visual cryptography to encrypt and decrypt the secret images. The mutual authentication is based on two secret images and tickets. The user requests the ticket from the authentication server (AS) to obtain the permission for accessing the cloud services. Three shared secret keys are used for encrypting and decrypting the authentication process. We analyze the protocol using the Barrows-Abadi-Needham (BAN)-logic method and the results show that the protocol is robust and can protect the user against various attacks. Also, it can provide a secure mutual authentication mechanism.
  • loading
  • [1]
    Rose Karen, Eldridge Scott, and Chapin Lyman, “The internet of things: An overview,” The internet society (ISOC), vol. 80, pp. 1–50, 2015.
    [2]
    X. William, “GIV 2025 unfolding the industry blueprint of an intelligent world, ” Available at: https://www.huawei.com/minisite/giv/Files/whitepaper_en_2018.pdf, 2018.
    [3]
    A. Aich and A. Sen, “Study on cloud security risk and remedy,” International Journal of Grid and Distributed Computing, vol. 8, no. 2, pp. 155–166, 2015. doi: 10.14257/ijgdc.2015.8.2.15
    [4]
    R. Kalaiprasath, R. Elankavi, and R. Udayakumar, “Cloud security and compliance-a semantic approach in end to end security,” International Journal on Smart Sensing and Intelligent Systems, vol. 10, no. 5, pp. 482–494, 2017. doi: 10.21307/ijssis-2017-265
    [5]
    A. Hendre and K. P. Joshi, “A semantic approach to cloud security and compliance,” in Proceedings of 2015 IEEE 8th International Conference on Cloud Computing, New York, NY, USA, pp. 1081–1084, 2015.
    [6]
    A. B. Rabiah, K. K. Ramakrishnan, E. Liri, et al., “A lightweight authentication and key exchange protocol for IoT,” in Proceedings of the Workshop on Decentralized IoT Security and Standards, San Diego, CA, USA, pp. 1–6, 2018.
    [7]
    M. N. Aman, K. C. Chua, and B. Sikdar, “A light-weight mutual authentication protocol for IoT systems,” in Proceedings of 2017 IEEE Global Communications Conference, Singapore, Singapore, pp. 1–6, 2017.
    [8]
    Y. H. Chuang, N. W. Lo, C. Y. Yang, et al., “A lightweight continuous authentication protocol for the internet of things,” Sensors, vol. 18, no. 4, article no. 1104, 2018. doi: 10.3390/s18041104
    [9]
    R. K. Sheu, M. S. Pardeshi, and L. C. Chen, “Autonomous mutual authentication protocol in the edge networks,” Sensors, vol. 22, no. 19, article no. 7632, 2022. doi: 10.3390/s22197632
    [10]
    A. M. Abdul, S. Jena, and M. B. Raju, “Secure authentication protocol to cloud,” International Journal of Computer Sciences and Engineering, vol. 7, no. 5, pp. 1551–1557, 2019. doi: 10.26438/ijcse/v7i5.15511557
    [11]
    M. Naor and A. Shamir, “Visual cryptography,” in Proceedings of the Workshop on the Theory and Application of of Cryptographic Techniques, Perugia, Italy, pp. 1–12, 1995.
    [12]
    A. Walke, J. Bhanushali, A. Rajgor, et al., “Enhanced password processing scheme using visual cryptography and steganography,” International Journal on Recent and Innovation Trends in Computing and Communication, vol. 6, no. 4, pp. 35–37, 2018.
    [13]
    H. Y. Qin, T. Matsusaki, Y. Momoi, et al., “Dual visual cryptography using the interference color of birefringent material,” Journal of Software Engineering and Applications, vol. 10, no. 8, pp. 754–763, 2017. doi: 10.4236/jsea.2017.108041
    [14]
    T. Matsuzaki, H. Y. Qin, and K. Harada, “Color visual cryptography with stacking order dependence using interference color,” Open Journal of Applied Sciences, vol. 7, no. 7, pp. 329–336, 2017. doi: 10.4236/ojapps.2017.77026
    [15]
    R. I. Al-Khalid, R. A. Al-Dallah, A. M. Al-Anani, et al., “A secure visual cryptography scheme using private key with invariant share sizes,” Journal of Software Engineering and Applications, vol. 10, no. 1, pp. 1–10, 2017. doi: 10.4236/jsea.2017.101001
    [16]
    D. Devakumari and K. Geetha, “A survey of visual cryptographic method for secure data transmission,” International Journal of Advanced Research in Computer and Communication Engineering, vol. 6, no. 6, pp. 270–274, 2017. doi: 10.17148/ijarcce.2017.6647
    [17]
    P. Chouksey, R. Miri, K. Srinivas, et al., “A secret share and key generation based visual cryptography approach for retaining 2D and 3D RGB color using transposition,” Turkish Journal of Computer and Mathematics Education, vol. 12, no. 12, pp. 695–708, 2021.
    [18]
    Z. S. Xu, J. B. Xu, and L. D. Kuang, “A token-based authentication and key agreement protocol for cloud computing,” in Proceedings of the IEEE 6th International Conference on Smart Cloud, Newark, NJ, USA, pp. 38–43, 2021.
    [19]
    H. Al-Refai, K. Batiha, and A. M. Al-Refai, “An enhanced user authentication framework in cloud computing,” International Journal of Network Security & Its Applications, vol. 12, no. IJNSA, pp. 59–75, 2020. doi: 10.5121/ijnsa.2020.12204
    [20]
    Alshammari Abdulaziz, Alhaidari Sulaiman, Alharbi Ali, and Zohdy Mohamed, “Security threats and challenges in cloud computing,” 2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud), New York, NY, USA, pp. 46–51, 2017.
    [21]
    Kazuki Murakami, Ryota Hanyu, Qiangfu Zhao, and Yuya Kaneda, “Improvement of security in cloud systems based on steganography,” in Proceedings of 2013 International Joint Conference on Awareness Science and Technology & Ubi-Media Computing (iCAST 2013 & UMEDIA 2013), Aizu-Wakamatsu, Japan, pp. 503–508, 2013.
    [22]
    A. Y. AlKhamese, W. R. Shabana, and I. M. Hanafy, “Data security in cloud computing using steganography: A review,” in Proceedings of 2019 International Conference on Innovative Trends in Computer Engineering, Aswan, Egypt, pp. 549–558, 2019.
    [23]
    S. M. J. Islam, Z. H. Chaudhury, and S. Islam, “A simple and secured cryptography system of cloud computing,” in Proceedings of 2019 IEEE Canadian Conference of Electrical and Computer Engineering, Edmonton, Canada, pp. 1–3, 2019.
    [24]
    A. Arora, A. Khanna, A. Rastogi, et al., “Cloud security ecosystem for data security and privacy, ” in Proceedings of the 7th International Conference on Cloud Computing, Data Science & Engineering-Confluence, Noida, India, pp. 288–292, 2017.
    [25]
    K. Fan, Q. Luo, K. Zhang, et al., “Cloud-based lightweight secure RFID mutual authentication protocol in IoT,” Information Sciences, vol. 527, pp. 329–340, 2020. doi: 10.1016/j.ins.2019.08.006
    [26]
    M. Adeli, N. Bagheri, S. Sadeghi, et al., “χperbp: A cloud-based lightweight mutual authentication protocol, ” Peer-to-Peer Networking and Applications, in press.
    [27]
    K. Nimmy and M. Sethumadhavan, “Novel mutual authentication protocol for cloud computing using secret sharing and steganography,” in Proceedings of the Fifth International Conference on the Applications of Digital Information and Web Technologies, Bangalore, India, pp. 101–106, 2014.
    [28]
    C. Vorugunti, M. Sarvabhatla, and G. Murugan, “A secure mutual authentication protocol for cloud computing using secret sharing and steganography,” in Proceedings of 2014 IEEE International Conference on Cloud Computing in Emerging Markets, Bangalore, India, pp. 1–8, 2014.
    [29]
    S. R. Department, “Internet of Things - Number of connected devices worldwide 2015-2025,” Available at: https://www.statista.com/statistics/471264/iot-number-of-connected-devices-worldwide, 2016-11-27.
    [30]
    R. Dirk, “Visual cryptography,” Available at: https://www.ciphermachinesandcryptology.com/en/visualcrypto.htm, 2022-02-25.
    [31]
    G. Ateniese, C. Blundo, A. De Santis, et al., “Visual cryptography for general access structures,” Information and computation, vol. 129, no. 2, pp. 86–106, 1996. doi: 10.1006/inco.1996.0076
    [32]
    Z. Zhou, G. R. Arce, and G. Di Crescenzo, “Halftone visual cryptography,” IEEE Transactions on Image Processing, vol. 15, no. 8, pp. 2441–2453, 2006. doi: 10.1109/TIP.2006.875249
    [33]
    J. A. Kumar and G. Ganapathy, “A modified approach for Kerberos authentication protocol with secret image by using visual cryptography,” International Journal of Applied Engineering Research, vol. 12, no. 21, pp. 11218–11223, 2017.
    [34]
    Y. Zheng and C. H. Chang, “Secure mutual authentication and key-exchange protocol between PUF-embedded IoT endpoints,” in Proceedings of 2021 IEEE International Symposium on Circuits and Systems, Daegu, Korea, pp. 1–5, 2021.
    [35]
    P. K. Panda and S. Chattopadhyay, “A secure mutual authentication protocol for IoT environment,” Journal of Reliable Intelligent Environments, vol. 6, no. 2, pp. 79–94, 2020. doi: 10.1007/s40860-020-00098-y
    [36]
    W. Li, X. L. Li, J. T. Gao, et al., “Design of secure authenticated key management protocol for cloud computing environments,” IEEE Transactions on Dependable and Secure Computing, vol. 18, no. 3, pp. 1276–1290, 2021. doi: 10.1109/tdsc.2019.2909890
    [37]
    M. A. Kiran, S. K. Pasupuleti, and R. Eswari, “A lightweight two-factor mutual authentication scheme for cloud-based IoT,” in Proceedings of the 4th International Conference and Workshops on Recent Advances and Innovations in Engineering, Kedah, Malaysia, pp. 1–6, 2019.
    [38]
    M. A. Al Sibahee, S. F. Lu, Z. A. Abduljabbar, et al., “Lightweight secure message delivery for E2E S2S communication in the IoT-cloud system,” IEEE Access, vol. 8, pp. 218331–218347, 2020. doi: 10.1109/access.2020.3041809
    [39]
    V. Odelu, A. K. Das, and A. Goswami, “A secure biometrics-based multi-server authentication protocol using smart cards,” IEEE Transactions on Information Forensics and Security, vol. 10, no. 9, pp. 1953–1966, 2015. doi: 10.1109/tifs.2015.2439964
    [40]
    A. G. Reddy, E. J. Yoon, A. K. Das, et al., “Design of mutually authenticated key agreement protocol resistant to impersonation attacks for multi-server environment,” IEEE Access, vol. 5, pp. 3622–3639, 2017. doi: 10.1109/access.2017.2666258
    [41]
    D. B. He, S. Zeadally, N. Kumar, et al., “Efficient and anonymous mobile user authentication protocol using self-certified public key cryptography for multi-server architectures,” IEEE Transactions on Information Forensics and Security, vol. 11, no. 9, pp. 2052–2064, 2016. doi: 10.1109/TIFS.2016.2573746
  • 加载中

Catalog

    通讯作者: 陈斌, bchen63@163.com
    • 1. 

      沈阳化工大学材料科学与工程学院 沈阳 110142

    1. 本站搜索
    2. 百度学术搜索
    3. 万方数据库搜索
    4. CNKI搜索

    Figures(6)  / Tables(3)

    Article Metrics

    Article views (264) PDF downloads(38) Cited by()
    Proportional views
    Related

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return