Professional Documents
Culture Documents
A Privacy-Preserving Authentication in An Edge-Fog Environment
A Privacy-Preserving Authentication in An Edge-Fog Environment
1226
FSn}). An FSi communicates with the Fog users FUi ∈{ FU1, 1) Initialization phase:
FU2,..FUn}.
• Initially the RA will dispose of public and private key
pair (Kpub, Kpriv) and a set of chosen public parameters as
shown in Table II.
Kpub and public parameters are known by all fog servers
and fog users within a specific fog F.
2) Registration phase:
TABLE I. NOTATIONS
Notation Meaning In the registration phase, a fog user FU with identity IDfu
RA Registration Authority (exp email @) subscribes to the Registration Authority RA.
F Fog/location
FS Fog Server
FU Fog User • Fog user FUi within a Fog F self-generates his/her
IDF Fog identity
IDFS Identity of Fog server
pseudonym VID and private/ public key pair using
IDFU Identity of Fog user publicly known parameters such as the elliptic curve E
(Kpub, Kpriv) Public/Private key pair of RA (a, b and prime number p) and P its Generic point.
(Pfs, Sfs) Public/Private key pair of FS
(Pfu, Sfu) Public /Private key pair of FU FU calculates his/her virtual ID (VID) related to his/her
VID Fog user virtual ID used as pseudonym Identity to ensure anonymous communication by
EKpub(x). public key encryption of x using key Kpub
EPfs(x) public key encryption of x using key Pfs choosing randomly two numbers rfu and k using PRNG
SignKpriv(x) Signing x using private key Kpriv mechanism and computes its keys:
SKFS-FU Session key between FS and FU
Kfu pre-shared key
W
Challenge value insuring authentication between Pseudonym VID = rfu.P
FS and FU
Public key Pfu= k.P
SV Set of VID of registered fog users within a fog F
n 1, n 2 nonce values Private key Sfu= rfu.Kpub (= rfu.s.P = s. VID)
During authentication, the user does not reveal his/her identity • FU finishes the subscription by sending IDfu, VID, Pfu
over the public channel to achieve anonymity. and a nonce n1 to RA encrypted with the RA’s public key
Kpub.
The protocol is composed of the following phases: EKpub(IDfu || VID ||Pfu || n1)
1227
In return, RA replies with a specific pre-shared key Kfu, which In case of success verification, FS replies by sending
will be encrypted with Pfu. to FU the tuple <IDFS, IDF, VID,n1>
E Pfu(Kfu) 3. FU, after calculating Pfs, prepares a challenge (cfs,W)
and sends the tuple <cfs,n2> to the FS. W=cfs.Kfu.Pfs.
The adversary cannot retrieve the value W point of
For each server FSi belonging to the FU’s Fog location, RA
the elliptic curve with the known cfs and Pfs due to the
sends VIDs of Fog users encrypted under the FS’s public key
hard solving of the ECDLP [7] problem.
and signed with RA’s private key Kpriv to ensure authenticity.
4. FS calculates W’= cfs.Kfu.Pfs and sends W’ and
SV is a Set_of_VID which contains the associated Fog servers
nonce n2 to FU.
within a Fog F. SV={VID , IDFS, IDF, kfu}.
FU compares the point W’ received from FS with his
W. If they are equal, the operation is successful else
SignKpriv(EPfs(SV)) the communication is refused.
Once receiving the SV, each server FSi decrypts it and stores Step 3 and step 4 represent the challenge phase where FU
the VID for each fog user.
authenticates FS.
The authentication phase starts when a registered fog user a) Intra-Fog Authentication
in the Fog F wants to be authenticated by one of the F’s
servers FS.
In case of an intra-Fog authentication where a fog user
Initially, FU does not know the identity of any server but just
wants to move from one Fog server to another Fog server
requests a fog service.
within the same Fog, the authentication between FU and the
The exchanged messages are illustrated in the figure 3.
new FS will not need the intervention of the RA.
1. FU broadcasts <Hello Fog, VID,n1> to the Fog F.
The mutual authentication between FU and FS2 will be
2. An in-range server FS ∈ F checks if the VID of the achieved with exchanging parameters as shown in Figure 4
Fog user is not rogue by verifying the list of VID sent
by the RA.
1228
FS2 after receiving the broadcasting message from FU, checks In both Inter-Fog and Intra-Fog authentication, fog users
if the VID exists in SV, aborts if the verification fails, else, achieve the mutual authentication without any extra-overheads
responds FU and alert FS1 to avoid duplication of VID. and without the need to re-register.
Then a new challenging phase will be done between FS2 and 4) Session key between Fog Users and Fog Servers
FU. The exchanged messages have the same elements like
messages 2, 3 and 4 of figure 3. Once authentication phase ends with success, FS and FU
can calculate, at the same time, the session key to use in
encrypting exchanged data.
Since they co-exist in the same Fog F, Fog user and Fog
server will use the same public parameters delivered from RA.
FS side SK = e (V ,S )
fs − fu ID fs
= e(r .P , s . H ( ID , ID ))
fu 1 fs f
srfu
= e(P , H ( ID , ID ))
1 fs f
FU side = e( S ,P )
SK fs − fu fu fs
= e(r .s . P , H ( ID , ID ))
fu 1 fs f
srfu
= e(P , H ( ID , ID ))
1 fs f
b) Inter-Fog Authentication Once the authentication phase ends with success and both
FS and FU calculate the session key, they can start the use of
SKFS-FU to encrypt and decrypt exchanged messages.
The fog user in this case is moving from a Fog to another.
In this case, the mutual authentication is performed with the
intermediate of the RA. 5) Updating the Leaked Pseudonym
As shown in figure 5, when FU wants to roam from FS1 to
FS2 situated in another fog, FS2 asks RA for the legitimacy of Once a pseudonym is compromised or leaked, the fog user
FU. RA then checks the association of VID to F and informs can reconstruct his/her virtual id as follows:
FS1 about the new association (new IDF, VID). If the checking • Generates a random number x using PRNG
phase is successful, the lasting exchanged messages will have mechanism and computes VID*=x.P.
the same elements like messages 2, 3 and 4 of figure 3. • Sends identity updating request message
M = EKpub (IDfu || VID || VID*||n1’).
• Upon receiving the message from FU, RA will
decrypt the message, extract the new VID and resent
the updated list SV to concerned FSs.
1229
Mutual authentication between FU and FS is accomplished In Table III, we compare security performance of our solution
based on identities, pre-shared key Kfu and hard ECDLP. with other existing ones. We can see that our model meets the
required security needs in an Edge-Fog environment such as:
2) Fog user anonymity
• Confidential communication: encryption of the
In the proposed scheme, we choose to exchange the exchanged data between FS and FU with the
anonymous identity instead of the original identity of a fog established session key.
user. Since the pseudonym is generated with the PBC
technique, it is hard to an attacker to reveal the real identity of • User privacy: hiding the real identity of the user
the fog user. Only the RA knows the link between the real through the use of virtual identities (VID) in the
identity and the pseudonym of the Fog user. PBC scheme.
3) Forward and backward secrecy
• Mutual authentication: between FS and FU
through the challenge phase.
Forward and backward secrecy means that if public
parameters or exchanged parameters during authentication
phase are revealed at any time, it will not affect the preceding TABLE III. COMPARISON OF SECURITY PERFORMANCE
and subsequent session keys. In fact the pseudonym on which
depends the establishment of the session key is periodically user Mutual Key confidential
and randomly regenerated by FU. An adversary can not privacy authentication exchange communication
Maged - + + +
recover or decrypt historical sessions. [10]
Gomaa + - - +
4) Attack resistance et al[4]
Chen et - + + +
al[5]
Our scheme can resist against various types of attacks. Our + + + +
solution
Eavesdropping attack : for the eavesdropping, data
transmitted after the establishment of the connection between Mutual authentication in the Edge-Fog-Cloud architecture
a Fog user and a Fog server is encrypted with the session key has not been enough studied. One work that directly targets
skfs-fu. The attacker will not be able to acquire the content of this field is Maged’s one [10]. In his study, anonymity is not
data since he/she doesn't know skfs-fu. involved and the ID of user is openly transmitted over a public
channel.
Man in the middle MITM attack : Whenever an adversary
or a rogue fog server try a MITM attack by sniffing Table IV compares the computation requirement of our
exchanged messages between Fog user and Fog server and solution with Maged’ one in terms of cryptographic operations
collecting public parameters, he couldn’t guess the session key needed in each phase. We show that our solution requires less
because parameter s and Kfu are kept secret. Hence, neither computation ; we use just the pairing function and we do not
the challenge value nor the session key could be retrieved. need messages to establish the session key.
Replay attack : this kind of attack is not possible in our We note asym as asymmetric cryptography and sym as
scheme because nonce is sent with each message. symmetric cryptography .
1230
V. FORMAL VALIDATION The next step is the implementation of a prototype for this
scheme. We will use the C programming language with the
We evaluate the formal security analysis using the Miracl [16] and PBC libraries.
Automatic Validation of Internet Protocols and
Application[15] (AVISPA). References
The output shows in figure 6 that the protocol is safe (no
[1] Stojmenovic, Ivan, and Sheng Wen. "The fog computing paradigm:
attacks were found) and that the security goals of our formal Scenarios and security issues." Computer Science and Information
validation are attained. Systems (FedCSIS), 2014 Federated Conference on. IEEE, 2014.
We correctly compiled On-the-Fly-Model-Checker (OFMC) [2] Huang, Pseudonym-based cryptography for anonymous
[17] model and validated the fog user-fog server secured communications in mobile ad hoc networks , Int. J. Security and
communication protocol. Networks, Vol. 2,N 3/4, 2007
We defined the security goals as an input to the automatic [3] Jebri, Sarra, Abid Mohamed , and Bouallegue Ammar. "An efficient
scheme for anonymous communication in IoT." 2015 11th
formal proof of our protocol: International Conference on Information Assurance and Security
• Secrecy of the communication session between RA (IAS). IEEE, 2015.
and FS. [4] Gomaa, Ibrahim A., Abd-Elrahman, Emad , and Abid, Mohamed .
• Secrecy of the communication session between FS "Virtual Identity Approaches Evaluation for Anonymous
Communication in Cloud Environments." INTERNATIONAL
and FU. JOURNAL OF ADVANCED COMPUTER SCIENCE AND
• Authentication of RA by the FS. APPLICATIONS 7.2 (2016): 367-376.
[5] Chen, Tien-Ho, Hsiu-lien Yeh, and Wei-Kuan Shih. "An advanced
Even an intruder impersonates the FU to the FS, this should ecc dynamic id-based remote mutual authentication scheme for cloud
not allow him to get the SKfs-fu and access to services. computing." Multimedia and Ubiquitous Engineering (MUE), 2011
5th FTRA International Conference on. IEEE, 2011.
[6] Mishra, Raghavendra. "Anonymous remote user authentication and
key agreement for cloud computing." Proceedings of the Third
International Conference on Soft Computing for Problem Solving.
Springer India, 2014.
[7] IETF RFC 6090, February 2011, Fundamental Elliptic Curve
Cryptography Algorithms.
[8] Stojmenovic, Ivan, et al. "An overview of Fog computing and its
security issues." Concurrency and Computation: Practice and
Experience (2015).
[9] Tsai, Jia-Lun, and Nai-Wei Lo. "A privacy-aware authentication
scheme for distributed mobile cloud computing services." IEEE
systems journal 9.3 (2015): 805-815.
[10] Ibrahim, Maged. "Octopus: An Edge-Fog Mutual Authentication
Scheme."International Journal of Network Security (2016).
[11] Roman, Rodrigo, Javier Lopez, and Masahiro Mambo. "Mobile edge
computing, fog et al.: A survey and analysis of security threats and
challenges." Future Generation Computer Systems (2016).
[12] He, Debiao, et al. "Efficient Privacy-Aware Authentication Scheme
for Mobile Cloud Computing Services." IEEE Systems Journal
(2016).
[13] Yang, Xu, Xinyi Huang, and Joseph K. Liu. "Efficient handover
Fig. 6. AVISPA validation authentication with user anonymity and untraceability for Mobile
Cloud Computing." Future Generation Computer Systems 62 (2016):
190-195.
VI. CONCLUSION [14] D. Boneh and M. Franklin, Identity-Based Encryption from the Weil
Pairing, Advances in Cryptology-CRYPTO, Lecture Notes in
New authentication mechanisms are needed to secure Computer Science vol. 2139, pp 213-229, 2001
the three hierarchy architecture Edge-Fog-Cloud. In this [15] Armando, A. et al. (2005) ‘The AVISPA tool for the automated
validation of internet security protocols and applications’, in 17th
paper, a new anonymous and secure authentication scheme International Conference on Computer Aided Verification (CAV’05),
in fog-based cloud computing is presented. Our scheme LNCS, Vol. 3576, pp.281–285
provides a mutual authentication between fog servers and [16] CertiVox/MIRACL, https://github.com/CertiVox/MIRACL. accessed
fog users with the possibility of roaming between fogs in an 20 April 2017
anonymous and secure way. The security analysis and The [17] D. Basin, S. Mdersheim ,L. Vigan. An On-the-Fly Model-Checker for
formal validation with AVISPA tool have shown that our Security Protocol Analysis. In in proceedings of ESORICS 2003,
Lecture Notes in Computer Science, Volume 2808, pages 253270,
solution has improved security and privacy preservation 2003.
compared with some existing solutions.
1231