Jordanian Journal of Computers and Information Technology (Apr 2018)

AN EFFICIENT TWO-SERVER AUTHENTICATION AND KEY EXCHANGE PROTOCOL FOR ACCESSING SECURE CLOUD SERVICES

  • Durbadal Chattaraj,
  • Monalisa Sarma,
  • Debasis Samanta

DOI
https://doi.org/10.5455/jjcit.71-1513237171
Journal volume & issue
Vol. 4, no. 1
pp. 34 – 57

Abstract

Read online

To avail cloud services namely Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS), etc. via insecure channel, it is necessary to establish a symmetric key between end user and remote Cloud Service Server (CSS). In such a provision, both the end parties demand proper auditing so that resources are legitimately used, and privacies are maintained. To achieve this, there is a need for a robust authentication mechanism. Towards the solution, a number of single server authenticated key agreement protocols have been reported recently. However, they are vulnerable to many security threats such as identity compromisation, impersonation, man-in-the-middle, replay, byzantine, offline dictionary and privileged-insider attacks. In addition to this, most of the existing protocols adopt the single server based authentication strategy which are prone to single point of vulnerability and single point of failure issues. This work proposes an efficient password-based two-server authentication and key exchange protocol addressing the major limitations in the existing protocols. The formal verification of the proposed protocol using Automated Validation of Internet Security Protocols and Applications (AVISPA) proofs that it is provably secure. The informal security analysis substantiates that the proposed scheme has successfully addressed the existing issues. The performance study contemplates that the overhead of the protocol is reasonable and comparable with other schemes. The proposed protocol can be considered as a robust authentication protocol for a secure access to the cloud services.

Keywords