Open Access

ARTICLE

Secure Key Management Based Mobile Authentication in Cloud

S. Shanmuga Priya¹, D. Yuvaraj^2,*, T. Satyanarayana Murthy³, Varghese S. Chooralil⁴, S. Navaneetha Krishnan⁵, P. Banumathy⁶, P. SundaraVadivel⁷

1 Department of Computer Science and Engineering, M.I.E.T Engineering College, Trichy, Tamilnadu, India
2 Department of Computer Science and Engineering, Cihan University, Duhok, Kurdistan Region, Iraq
3 Department of Computer Science and Engineering, Bapatla Engineering College, Bapatla, Andhra Pradesh, India
4 Department of Computer Science and Engineering, Rajagiri School of Engineering and Technology, Kakkanad, Kerala, India
5 Department Electronics and Communication Engineering, SACS MAVMM Engineering College, Madurai, Tamilnadu, India
6 Department of Information Technology, Karaikal Polytechnic College, Varichikudy-Karaikal, India
7 Department of Computer Science and Engineering, SACS MAVMM Engineering College, Madurai, India

* Corresponding Author: D. Yuvaraj. Email:

Computer Systems Science and Engineering 2022, 43(3), 887-896. https://doi.org/10.32604/csse.2022.021845

Received 16 July 2021; Accepted 16 November 2021; Issue published 09 May 2022

Abstract

Authentication is important to the security of user data in a mobile cloud environment. Because of the server’s user credentials, it is subject to attacks. To maintain data authentication, a novel authentication mechanism is proposed. It consists of three independent phases: Registration, login, and authentication and key agreement. The user registers with the Registration Center (RC) by producing a secret number that isn’t stored in the phone, which protects against privileged insider attacks. The user and server generate a nonce for dynamic user identity and agree on a session secret key for safe communication. The passwords are not stored on the computer or provided in plain text, they are resistant to replay, guessing, and stolen verification attacks. The suggested protocol uses a one-way hash function and XOR operations, with the client having remote access to a large number of servers over a secure communication channel. Concentrates on HMAC and SHA3 for Collision Free Hashing and to overcome length extension attacks. HMACs are substantially less affected by collisions than their underlying hashing algorithms alone. So adding an HMAC to an MD5 or SHA hash would make it substantially more difficult to break via a rainbow table.

---

Keywords

---