MDA: message digest-based authentication for mobile cloud computing

The emerging area of mobile cloud computing will influence the future of varied applications, such as electronic commerce and health informatics. It is expected to rise in popularity over other models in cloud computing. This is facilitated by its simplicity, accessibility and ease of use. With mobile cloud computing, resource-constrained mobile devices could capitalize on the computation/storage resources of cloud servers via communication networks. Despite the advantage of this innovative computing model, mobile devices in mobile cloud computing are open to more security risks because they often have to access cloud servers through untrusted networks from different locations. Therefore, security is a critical problem to be tackled in mobile cloud computing. One of the most important aspects of mobile cloud computing security is to establish authenticated communication sessions between mobile devices and cloud servers. In this paper, we present a novel authentication scheme, Message Digest-based Authentication (MDA). Technically, MDA strategically incorporates hashing, in addition to traditional user ID and passwords, to achieve mutual authentication. The effectiveness of MDA is validated with Scyther, a widely-used security protocol analyzer. Our experimental results indicate that MDA is capable of withstanding a variety of different security attacks, such as man-in-the-middle, replay attacks, etc.


Introduction
The emergence of cloud computing has increased the productivity of a variety of different fields through three service models: SaaS (software as a service), IaaS (infrastructure as a service), and PaaS (platform as a service) [11,30]. In traditional cloud computing, the following technologies have been used to provide varied services: • Public Cloud: Public cloud does not require the initial investment and offers a plethora of services to the general mass. However, it does not provide a high level of security for the data, nor does it provide control over the cloud infrastructure [45]. • Private Cloud: Private cloud, as its name indicates, is contrary to public cloud. Private clouds are owned by specific business organizations and are mainly used for internal services. Private cloud can be considered as another form of a traditional server. It provides *Correspondence: saurabh@cs.dal.ca 1 Dalhousie University, Halifax, Canada Full list of author information is available at the end of the article customized security for data and more control over the cloud infrastructure [18,45]. • Hybrid Cloud: Hybrid cloud is a combination of both private and public cloud, which is usually used by organizations to improve their resource performance. The organization places its non-important components on the public cloud and controls the computing environment through its private cloud [3]. • Virtualization: Virtualization is the core technology used in cloud computing environment. The cloud server provides the access to a pool of hardware, network and storage resources through virtualization [33]. A virtual platform is created to serve a client with customized configuration and requirements, and by initializing many virtual machines of this kind with limited number of actual physical resources, the cloud server is able to provide its services to multiple concurrent users. • PaaS (platform as a service): Platform as a service allows product deployment on the cloud, which requires distributed resources [4]. A web-based product might require the access to various resources or infrastructures that are distributed over multiple locations. In order to deploy these products, PaaS provides a platform that has the access to the cloud-based distributed resources. • IaaS (infrastructure as a service): Using infrastructure as a service, any individual or organization can lease cloud resources to accomplish their tasks [39], such as utilizing storage servers (e.g. renting EMC2 data servers as a storage) provided by a cloud service provider. • SaaS (software as a service): Software as a service is the most commonly used cloud service, where clients use open or proprietary cloud-based software, such as cloud based anti-virus and word processing software. • In addition to SaaS, PaaS, and IaaS, cloud service providers offer network-as-a-service (NaaS) [34] by providing the access to virtualized network resources and desktop-as-a-service (DaaS) [15] considering the demand of the availability of desktop resources on mobile devices.
With the advancement of cloud services and mobile technology, it is possible to access and process a large volume of data at any time and from any location. In today's fast-paced environment, this mobility-based complex computing system acts as one of the key components for the growth of research, economy, and society. This combination of cloud infrastructure and mobile technology brings in a new computational model called mobile cloud computing. With mobile cloud computing, resource-constrained mobile devices could capitalize on the computation/storage resources of cloud servers via communication networks. All of the technologies mentioned previously can be used in a mobile cloud computing system.
Despite the advantages of ease of access and 24-7 availability, mobile cloud computing leads to unprecedented security vulnerabilities because data has to be transferred between mobile devices and cloud servers. Therefore, we focus on the security aspect of mobile cloud computing, although many existing studies have attempted to address the behaviour, quality of service, scalability, flexibility, and pricing problem of cloud computing systems [27,29,35]. Addressing the security/vulnerability problem in mobile cloud computing is critical to the success of this promising technology.
In this paper, we attempt to improve the security of mobile cloud computing by introducing a novel authentication scheme, Message Digest-based Authentication (MDA). Existing studies indicate that, in general, a mobile cloud computing system uses either user id and password based authentication [36], or USIM (universal subscriber identity module) based authentication [2]. Different from the existing schemes, MDA employs both hashing and the traditional user id/password to arrive at an effective authentication mechanism. MDA ensures that mobile cloud computing is secured from any type of unauthorized access at the beginning of each communication session. This paper is an extension of the previously-published study [38]. As an improvement over the previous study, MDA employs the client registration expiry period and one-way mathematical hashing function to encrypt the user ID in order to make the authentication process more secure and more unpredictable.
The rest of the paper is organized as follows. "Related work" section describes the related work. The details of the proposed authentication scheme, MDA, are included in "MDA: message digest based authentication" section. The evaluation methodology and the in-depth security analysis are presented in "Evaluation methodology and Security analysis" sections respectively. Finally, "Conclusion" section concludes this paper.

Related work
It is important to address the security problems associated with cloud computing in general and mobile cloud computing in particular. Therefore, the related work is categorized into two themes according to the addressed problems. For both of these two themes, the security challenges are highlighted.

Cloud computing security
Popovic et al. describe a number of security issues related to cloud computing [32]. Their study identifies that remote location of resources and virtualization technologies make the cloud computing environment vulnerable to attacks. In cloud computing, all clients access a common resource location, which introduces security threat to the system. In addition, there is an integrity issue in cases of transfer, storage and retrieval. Furthermore, there is a no common standard to ensure data integrity. Different vendors follow different structures for data storage and access, as a result, clients cannot switch vendors easily and remain locked with one vendor. The other mentioned concern is the need for a common standard of encryption and decryption and client's control. Without proper encryption and security, a cloud environment becomes vulnerable, which introduces threat to attack during the transfer and store of sensitive data (identity or location of individual, race, health, union membership, sexual orientation, job performance, biometric, etc.).
Mathisen et al. explain the different policy issues related to cloud computing [30]. If employees of the cloud hosting company are careless and cannot be trusted, then it implies that there is an inherent vulnerability in the service offered. Similar to Popovic et al. this study also mentioned a potential major future concern with vendor lock-in [32]. Since there is no common standard for APIs (application programming interfaces), storage images and disaster recovery, portability from one vendor to another is an expensive operation. Other than these issues, software used in cloud computing is also an important part, which is vulnerable to external attacks. So by avoiding the use of only open source software in server virtualization, the vulnerability can be reduced.
Yandong et al. focus on different types of clouds viz, public, private and hybrid cloud, and the security issues associated with the public cloud [42]. Public cloud is accessible to a large majority of the general population without much restrictions. This, coupled with the fact that public cloud has plenty of user information, implies that the public cloud is susceptible to attacks.Furthermore, virtualization of the platform introduces security threats. Regulating administrator privileges is required for better authentication, security and privacy. If the virtualization platform is compromised, it implies that a majority of the virtual machines are under attack, which is a potential threat to data security.
To address the above mentioned issues, it is essential to have a standard cloud computing design and usage policy, employee trust, proprietary software for virtualization, and finally physical security of servers. However, data transmitted from a mobile device to a cloud server is still susceptible to several security issues, which will be addressed in the following sub-section.

Mobile cloud computing security
Increased use of mobile devices has meant that extensive research is being performed in the area of security in mobile cloud computing, particularly on authentication. Apart from policy and physical security, there are numerous security issues involved with data transmission and authentication, since mobile devices access cloud from different geographical locations, with different types of networks. The main focus of the study is to design a secure authentication scheme, which is a major component for a secure data transmission process.
Hong et al. describe the mobile cloud security issues related to malicious programs that are injected in a mobile cloud virtualization environment [21]. Virtual mobile instances running on cloud infrastructure are accessed using mobile devices to access resources such as, CPU, memory etc. The research involves usage of machine learning algorithm for detecting abnormal behaviour in the virtual mobile instances. This research is useful to secure the virtualization environment from malware. However, this research does not address issues related to authentication or integrity.
Jana et al. describe the various types of security threats that can appear in a mobile cloud computing environment [23]. Accessing enterprise data through mobile devices brings in privacy and security issues, e.g. locationservices of a mobile device help an adversary to predict the user's behaviour and movement. They focus on various threats related to AAA (Authorization, Authentication, and Accounting), such as malicious insiders, sniffing, spoofing, identity theft etc. As a control measure they suggest digital signature as used in SAML (Security Assertion Markup Language), security gateways, SSL, encryption, hashing. With the help of fishbone analysis they present, security and privacy threats associated with a mobile cloud computing environment.
Yoo et al. highlight about a cellular automata (CA) based lightweight scheme, which is used for multi-user authentication in the cloud environment [44]. The authentication is performed using a one-time password (OTP). For a sender, A, the authentication server sends a seed value (SeedA) and a CA rule. The CA is encrypted with the public key of A. Though this approach is OTP based and secure, SeedA is sent from the authentication server to user A without encryption.
Revar et al. describe the usefulness of single sign-on in a mobile cloud computing environment [36]. Single sign-on (SSO) is used on the top layer of cloud. They verified the single sign-on authentication scheme on a Ubuntu server. In SSO, a single user name and password combination is used to access multiple cloud applications. This scheme does not address exactly how a mobile device or any cloud compatible device will access the cloud using SSO.
Ahmad et al. propose a security framework that is based on the subscriber identity module [2]. The authentication is done at boot-time, and is based on USIM response to a random challenge issued by the cloud authentication service. The cloud authentication service has a database to store a list of services, mapping of users and their related services, mapping of IMSIs (International Mobile Subscriber Identity). This scheme works only with mobile devices that support USIM, which is a drawback in case cloud users want to switch to mobile devices that do not support USIM, such as tablets or laptop computers.

MDA: message digest based authentication
In a mobile cloud computing environment, a mobile device has to be registered with a cloud server as a prerequisite process prior to avail any kinds of cloud services. The data transmission between the mobile device and the cloud server must be performed once the mobile device authenticates the cloud server and vice-versa. A strong authentication scheme ensures secure communication between two legitimate parties even if the communication channel experiences potential vulnerability. Since the mobile device lacks of computational capability, it is not suitable to employ complex operations in the mobile device for authentication process. In a mobile cloud computing environment, if a mobile device is registered with a particular cloud service provider, both mobile device and cloud server must authenticate each other in a uniform way in order to secure the communication with a single authentication scheme, which allows a mobile user to access the cloud server from different locations using different networks and different types of mobile devices. A single and secure authentication scheme will help in preventing third party from posing as a legitimate mobile device or as a legitimate cloud service provider. Therefore, we focus on the following research question (RQ).
RQ: Will the use of mathematical hashing, in addition to simple user ID and password authentication improve the security between the mobile device and the cloud server?
To address this research question, we hypothesize that: H a : In mobile cloud computing environment, the proposed authentication scheme introduces hashing based security, which reduces the vulnerability of the system to attacks. To determine the vulnerability of the system, we compute the vulnerability score, S v , which is a measure of the number of attacks a scheme can prevent. The value of S v lies between 0.0 and 1.0: A low score of S v indicates that a scheme offers more security. The details of S v calculation are discussed in "Evaluation methodology" section.
Ahmad et al. mentioned that IMSI can be used as a mode of authentication [2]. However, not every mobile device has the built-in IMSI chip. For example, many iPads and laptops are not equipped with IMSI chips. Therefore, an authentication scheme based on IMSI is not appropriate for mobile cloud computing. Different than IMSIbased approaches, the proposed scheme, MDA, does not require any additional hardware infrastructure. Thus, MDA is applicable to a variety of different mobile devices, including those that do not have IMSI chips. In addition, with MDA, even if the mobile device is stolen, the authentication information of the user can remain to be safe. Furthermore, when users change their registered mobile devices, they can still access the cloud using other mobile devices after a few encrypted files (such as hashed user and cloud certificates, and/or policies) are ported. MDA is composed of three phases: Registration, Authentication and Update. The details of these phases are presented as follows.

Registration phase
The registration process of a mobile device or mobile user to a cloud server is a one time process wherein the user ID and the password are setup and some encrypted files are exchanged. Figure 1 presents an overview of the registration process. Technically, registration (i.e. setting up an account ) involves the exchange of user id, password and other unique information, such as credit card for accessing pay-per-use cloud services. We have considered a standard mobile device and cloud server registration process that can be accomplished using any standard protocol, such as SSH (secure shell). Upon setting up the mobile user account with cloud server, the cloud server performs a series of operations. Algorithm 1 shows the detailed registration process adopted in our research.
Role_Cloud recv(uid pwd) T k = uid ⊕ pwd EXP = Registration expiry period for the client #CF ← pointer{store(uid, pwd, T k )} MD user = hash(usage policy, user access level, user certificate) MD cloud = hash(user add policy, cloud resource restriction, cloud certificate) The two parties involved in the registration process are mobile device and the cloud server. Both the parties must be alive or be in the network to accomplish the registration process. During this phase, the mobile user's user ID and password are created to access the cloud server. Cloud Server stores hash{userID}, hash{password}, and user's mobile device information in big table for efficient lookup. It generates two hashed messages or message digests. The first, MD user , which consists of user policy (cloud resource usage policy, and user access level), and User certificate. The second message digest is MD cloud , and it consists of cloud policy (user add policy, cloud resource restriction/accessibility information), and Cloud certificate.
Upon generating both message digests, cloud server creates an encrypted message to transmit these information to the mobile device. The encrypted is message is: Pk pub_cloud is the cloud's public key, MD user and MD cloud are the generated message digests, and #CF is the column reference, which refers to the cloud authentication database for that particular cloud user information. These information are sent from the cloud server to the mobile device after encrypting with key T k that is generated in both the mobile device and cloud server by XORing (Exclusive OR) hashed userID and hashed password (Eq. 2). In addition, the cloud server generates an expiry period for the client registration information, which triggers a periodic update to the authentication parameters and thereby reduces the vulnerability of the system.
The proposed authentication scheme is applicable once the MD user , MD cloud , and #CF are transferred to the mobile device during the registration process.

Authentication phase
In our research, we have the following assumptions: • The cloud user has two message digests MD user , and MD cloud in the mobile device. • He/she knows his/her userID and password to access cloud services.
With these stated assumptions, we can proceed to describe our authentication scheme. At the beginning of each session, the mobile user or mobile device and the cloud server need to authenticate each other in order to start transferring actual data. The authentication process is divided into two steps: cloud authenticating mobile device and mobile device authenticating cloud. The details of these two steps are presented as follows.

Cloud authenticating mobile
The step of cloud authenticating mobile devices can be further split into two sub-steps. In the first sub-step, the following operations are carried out. Specifically, when a mobile device wants to send an authentication request to the cloud server, it generates a key T k , using hashed userID and hashed password (Eq. 2). The key T k , works as the seed for the PRNG (pseudo random number generator) to generate an authentication key, Auth_Key i . This authentication key Auth_Key i is required to encrypt the message digest MD, which is generated by hashing MD cloud and MD user (Eq. 3). The Auth_Key i is the n th sequence of bits generated by PRNG that is specified by the state identifier SI. Key T k is used to encrypt the state identifier SI, and the encrypted message digest E Auth_Key i {MD}. Finally, the encrypted message, E T k {E Auth_Key i {MD} SI} is sent to the cloud server (Fig. 2) along with the column reference #CF. Therefore, the message sent from mobile device to cloud server is #CF Algorithm 2 summarizes the operations involved in the first sub-step. These operations are carried out at the mobile device before the authentication request is transmitted to the cloud server. A flow chart for these operations is included in Fig. 2.
In the second sub-step, the following operations are carried out. Upon receiving the authentication request message, the cloud server performs decryption operations. The cloud server searches the specific hashed userID and hashed password in the cloud authentication database based on the shared column reference #CF that is sent in plain text along with the encrypted message.
Once the hashed userID and hashed password are found, the cloud server checks the registration validity of the user using EXP, stored at the server. If the user registration is not expired, then T k is generated (Eq. 2) by XOR operation. During this phase, the operations performed at the cloud server are shown in Fig. 3. The generated T k at the cloud server decrypts the  Fig. 3 Cloud server authenticates mobile device when the request is received [38] cloud server once the authentication request is received. A flow chart for these operations is included in Fig. 3.

Mobile authenticating cloud
Once the mobile device is authenticated, the cloud server sends its digital signature, which consists of MD encrypted with cloud's private key Pk priv_cloud , to the mobile device end. Algorithm 4 summarizes the operations performed at the cloud server during this phase, which includes the creation of digital signature DS and the transfer to mobile devices. A flow chart for these operations is included in Fig. 4.

Algorithm 4 Cloud_to_mobile_auth_req
Require: isAlive (mobile, cloud) hasNetworkAccess (mobile) isRegistered (mobile, cloud) Ensure: After receiving the digital signature DS, the mobile device decrypts it with cloud's public key Pk pub_cloud , stored in the mobile device. If the decrypted MD matches with the message digest MD stored in the mobile device, then it can be stated that the cloud server is legitimate. Algorithm 5 provides the operations that are performed by the mobile device after receiving cloud's digital signature DS.
On successful execution of the authentication process, both mobile device and cloud server establish a session for data transmission.

Update phase
The main purpose of the update phase is to modify the existing authentication entities to increase the degree of unpredictability in the authentication process. This phase is triggered due to reset of the expiry period EXP assigned to each registered mobile client. During the registration phase the cloud server generates an expiry period for each mobile client. This expiry period EXP is checked at the cloud server for each authentication request made by a mobile client. The assigned EXP for a mobile client is basically a real value that decrements over time and if it is reset Fig. 4 Mobile device authenticates cloud server using digital signature [38] or reaches zero then the client is considered as an unregistered client. Apart from assigning an expiry period for a registered client, the cloud server assigns the rate of decrement rate EXP for each expiry period associated with each client. Decrementing the value of EXP by rate EXP is activated by a trigger time tr EXP that enables the decrement process. The cloud server assigns varied expiry periods EXP, rate of decrements rate EXP , and trigger time tr EXP for its registered clients, which introduces variability in the expiry period.
If the expiry indicates the registration is expired, then the cloud server sends a re-registration request to the mobile device. The re-registration phase is same as registration phase. However, it verifies the old password and prompts to enter a new password. These information is sent to the cloud server in the similar fashion as the registration phase performs. Upon receiving the re-registration request, the cloud server generates a fresh MD user , and EXP for the client. Since, the password is changed, the new hashed password will be different than the old hashed password and thereby the generated T k (Eq. 2) will be different.

Evaluation methodology
We evaluate the proposed scheme by security analysis. By computing the vulnerability score, S v , we summarize the security offered by the scheme. The proposed scheme is coded using computer simulation environment [9]. We assume that the mobile device is already registered with the cloud server and obtained MD cloud , MD user , #CF, and Pk pub_cloud . In addition, we assume that both the mobile device and the cloud server are running the proposed scheme. During the operation of the proposed scheme, when a registered mobile sends the authentication request {E T k {E Auth_Key i {MD} SI} #CF} to the cloud server, or when the cloud server sends authentication response Pk priv_cloud {MD} to the mobile device, it may get compromised by some adversary. The computer simulation provides a way of creating mobile-cloud computing environment, where the initiator is configured as mobile device and the responder is configured as cloud server.

Simulation environment
A research can be performed by performing different types of studies, such as surveys, field study, experiments, computer simulation etc. [9]. We have considered computer simulation to validate our proposed scheme. In one of our simulations, we used a protocol analyzer called Scyther [12] as part of the security analayis to launch attacks on the proposed authentication scheme. Scyther analyzes a protocol once it is written in Scyther coding format. It accepts a minimum of two roles, where one role represents an initiator or sender and the other role represents a receiver. It allows us to define what type of key is used in the protocol, such as symmetric key, or asymmetric key, in addition it allows us to define whether a parameter is constant or variable. Once the protocol is defined, we can configure the attack scenarios. It has many predefined attack scenarios, which are used to test whether a protocol lacks confidentiality and integrity.

Methodology
We compute a vulnerability score (S v ) and we perform a security analysis of the scheme to describe how secure it is. Let us consider N is the number of attacks that are launched on the proposed scheme and N success is the number of successful attacks that are recorded. Then, the likelihood of successful attacks on the scheme defines its vulnerability score (S v ) (Eq. 4). Lesser vulnerability score indicates that the proposed scheme can prevent more number of attacks. The value of S v lies between 0.0 and 1.0 (Eq. 1) We configured the ted setup and the protocol analyzer Scyther for validating the MDA scheme. Scyther is configured from the setting option to launch all types of attacks. We analyzed our scheme for 10 RUNs, where both the mobile client and the cloud server have run the scheme to exchange messages. In order to compromise the system, during the execution of each run, Scyther tried to launch different types of attacks considering hackers have initial knowledge of the system. We made various security claims, which are validated by running our proposed scheme using Scyther. We have recorded the number of attacks to obtain the S v score.

MDA emulation
We have emulated the operations involved in MDA using Java program and validated it for man-in-themiddle attacks, and replay attacks. The proposed scheme MDA uses public key encryption in the registration process, symmetric encryption in authentication process and a standard hashing algorithm in generating the message digests. MDA does not have any specification for algorithms and therefore, any standard combinations of encryption algorithms and hashing algorithms could be used in the operations of MDA. In order to emulate the operations of MDA, we have used RSA (Rivest, Shamir, and Adelman) as the public key encryption algorithm, SHA1 (Secure Hash Algorithm 1) as the hashing algorithm, and AES (Advanced Encryption Standard) as the symmetric key encryption algorithm. Instances of two user defined java classes (CloudServer and MobileClient) are used to run the operations of MDA.
In addition, we configured the emulated MDA setup with two man-in-the-middle objects. These objects are responsible for modifying the authentication request frames sent from a mobile client to the cloud server, and authentication response frames sent from the cloud server to a mobile device. Upon creation of the mobile device object, we perform the registration process by sending the registration request to the cloud server. The cloud server object uses SHA1 algorithm to generate the client and cloud message digests. RSA Keypair generation is performed at the cloud server and the Pk pub_cloud is sent along with the MD user and MD cloud . Both entities, the mobile device and the cloud server use AES encryption with key T k during the authentication process. The expiry period EXP is set by the cloudserver. For our experiment, we considered only a single client-server model and therefore, we set both tr EXP and rate EXP as zero.
By invoking run() method of authentication thread, 1000 authentication request frames are sent from the registered mobile device to the cloud server as shown in Fig. 5. The man-in-the-middle attack object is activated randomly, and it modified the request frames that are sent. Among 1000 frames, 256 frames are modified in transit. The cloud server running MDA scheme has rejected all the modified request frames. Only 744 non modified request frames are processed by the cloud server and 744 authentication response frames are generated and sent back to the mobile device as shown in Fig. 6. MDA is a mutual authentication scheme, therefore, the authentication response frames are authenticated by the mobile device. Further, the second man-in-the-middle object has  launched random attacks on the response frames. Among 744 response frames, 108 are modified, which are later rejected by the mobile device. Only 636 non modified response frames are accepted. Less than 744 response frames are generated by the cloud server, if we use a non zero positive real value for rate EXP , which resets the EXP before sending all the 1000 request frames. Although the request frames are non modified and received from registered mobile device, reset of EXP forces the cloud server to reject the authentication request. If EXP resets, a registration object is initialized to perform the re-registration.
With MDA emulation, we are able to validate the operations of the MDA scheme and exhibit that MDA can withstand man-in-the-middle attacks. However, our emulation has failed to establish that MDA can prevent replay attacks on request or response frames. The scheme does not have any timestamp component, which makes it difficult to identify if a valid request frame is sent from an adversary at later stage. Therefore, replay attacks could be launched on the request frames before EXP resets.

Security analysis
The highlight of our scheme is the authentication process. However, the authentication scheme depends on an initial registration phase, which must be reliable and secure in order to keep safe the information required during the authentication phase. We evaluate the vulnerability of the registration phase using Scyther and identified that in the absence of security, hash{userID}, hash{password}, MD user , MD cloud are falsified and manin-the-middle attack can be launched. Therefore, in order to establish our approach as a standard authentication scheme in the mobile cloud computing environment, we perform the registration process in a secure manner by employing standard protocol, such as SSH (secure shell). Upon completion of the registration process with SSH, both parties (mobile and cloud server) obtain the necessary parameters for the authentication phase, which is performed using MDA.
To perform the security analysis of the authentication phase, we focus on evaluating the vulnerability of certain parameters such as, hash{userID}, hash{password}, MD user , MD cloud , which are used in our authentication scheme. If the vulnerability is high, i.e. these parameters are compromised at any level of communication between the mobile device and the cloud server during the authentication process, then we will fail to establish our hypothesis H a . In addition, we need to check the aliveness and synchronization of the mobile device and the cloud server during the authentication. We use the security analyzer Scyther to check the vulnerability of each of these parameters. Table 1 summarizes our claims and how secure the scheme is for each claim. In this section, we provide detailed security analysis of the claims that are validated using Scyther.
Claim 1: Auth_Key i remains secret throughout the authentication process. Auth_Key i is used to encrypt and decrypt the message digest MD to provide multi layer security . A Mobile device sends the message digest MD to the cloud server by encrypting with Auth_Key i , which is a symmetric key. Both parties, the mobile device and the cloud server can independently generate the Auth_Key i using state identifier SI. Since Auth_Key i is not exchanged between both the parties, it remains secret. Claim 2: State identifier SI is kept secret. SI is the state identifier for PRNG used to specify the n th sequence of PRNG as the desired pattern. The mobile device sends SI to the cloud server for specifying the n th sequence of PRNG to generate the Auth_Key i . SI is sent from mobile device to cloud server after encrypting with key T k . The claim at the mobile end that SI being secret is validated using Scyther. On the other hand, the cloud server does not share or send SI, therefore, it is safe at the cloud end. Claim 3: password is secret. The safety of the password depends on the user. Typically no one shares their password, thereby keeping it safe. The password can be a 512 bit string, which is hashed and a copy of the user's password is stored at the cloud server during registration process. The mobile device does not send the password during authentication process, but it is used at both ends to generate the key T k . Our password safety claim is validated by Scyther, but, in reality, it is dependent on the user. Claim 4: userID is safe. userID is sent to the cloud server only during the registration process, which is required along with the password to generate T k . The userID is hashed and a copy is stored at the cloud server during registration process. The mobile device does not send userID to the cloud server during authentication process. Therefore, userID remains safe. Our userID safety claim is validated by Scyther, but, in reality, it is dependent on the user. Claim 5: The scheme requires MD user to be a secret.
MD user is the hashed information related to the user, which may contain policy information and unique information about the user. This information is generated at the cloud server end and sent to the mobile device after a successful registration process. The information is hashed and encrypted with Auth_key i before transmitting from the user mobile device to the cloud end. Scyther validated our claim that MD user is safe. Claim 6: The scheme requires MD cloud is secret. MD cloud is the hashed information related to the cloud server, which may contain the cloud server certificate or other policy related information. As with MD user , this information is hashed and encrypted with Auth_key i before transmitting from mobile device to the cloud server. As part of the authentication process, the combination of MD user and MD cloud is used at the cloud end to verify whether the mobile device is legitimate. In addition, the combination of MD user and MD cloud encrypted with Pk priv_cloud is used as the cloud server digital signature to authenticate the cloud server by the mobile device. The protocol analyzer (Scyther) validated the claim that MD cloud is safe. Claim 7: Mobile device and the cloud server remains alive during the execution of the protocol. The cloud server is said to be alive if it has been using the proposed scheme for the initial (i − 1) messages exchanged with the mobile device, when the latter sends the i th message. The protocol analyzer (Scyther) validates the aliveness claim. Claim 8: Guarantees Weakagree [28]. Our proposed scheme guarantees that the mobile device is in weakagreement with the cloud server. Therefore, the mobile device is running the proposed scheme with the cloud server; likewise the cloud server is running the scheme with the mobile device. The communication is not affected by adversary during the operation of the proposed scheme. This claim is validated using the protocol analyzer (Scyther). Claim 9: Assures Niagree between the mobile device and the cloud server [28]. Niagree or Non-injective agreement ensures that the mobile device and the cloud server agree upon some data exchange during running of the proposed scheme. During the operation of the proposed scheme, the mobile device can send data to the cloud server safely (and vice-versa). If Niagree fails, then we can conclude that there is a man-in-the-middle attack during the operation of the protocol. However, our claim is validated using protocol analyzer (Scyther). Claim 10: Holds Nisynch during the authentication process [20]. Nisynch or non-injective synchronization is valid if all actions before the claim are performed as per the proposed scheme description. Nisynch ensures that there is no synchronization problem between the mobile device and the cloud server during the authentication process. Nisynch is validated using the protocol analyzer, Scyther.
Our security analysis results are based on Scyther validation, which indicates that MDA supports all of the claims that we have made during the execution of the scheme for multiple runs. The claims are not compromised by any types of attacks during the authentication process. Therefore, the vulnerability score (S v ) obtained is 0.0 , which satisfies the condition of our alternative hypothesis (H a ).
Hashing is a mechanism that makes the proposed scheme secure, and implicitly provides a means for integrity check. Even if any adversary sniffs the message that is sent during the authentication process, it is not possible for the adversary to interpret the message digests, MD cloud or MD user . Furthermore, it is worth noting that MDA is completely based on a technique employing simple userID, password, and hashing. It does not include any of the system specific properties such as IMSI of mobile phone or MAC (media access control) address of a laptop, which makes the scheme applicable to any type of mobile device without any alteration.

Conclusion
The emergence of mobile cloud computing has transitioned modern computing into a new phase. Mobile devices and cloud resources, the key components of mobile cloud computing, have enabled people to access and utilize the cloud services irrespective of their geographical locations and medium of communications. Numerous fields, such as healthcare, transportation, and financial services, can significantly benefit from mobile cloud computing. Despite the advantages of this innovative computing model, mobile cloud computing could seriously suffer from security/privacy problems. In this paper, we propose a novel authentication scheme for mobile cloud computing, Message Digest-based Authentication (MDA). Technically, MDA is composed of three phases: registration, authentication, and update. With these phases, MDA utilizes hashing, in addition to traditional user id and password based authentication, to ensure confidentiality and integrity during the authentication process. Our analysis results indicate that MDA can survive a variety of different attacks, such as man-in-the-middle, replay attacks, etc.