A clogging resistant secure authentication scheme for fog computing services

Fog computing (FC) is an infrastructure consisting of decentralized computing, where computing resources such as storage, applications, and data are scattered among the cloud and data source. Fog computing inherits similar privacy and security concerns present in cloud computing, such as authentication and key management issues. Recently, Wazid et al. presented a scheme of authentication key exchange for fog computing called SAKA-FC to address these issues. We analyzed and identified that the SAKA-FC suffers from some severe vulnerabilities. Furthermore, we presented an improved scheme to mitigate these problems while retaining its strengths. The formal security analysis of the proposed scheme is validated through BAN logic. At the same time, the AVISPA tool is employed for automated formal security verification. Informal security analysis is conducted to attest that the proposal can confront the known attacks. Using computation and communication costs as the metrics, the proposed scheme is also compared with some state-of-the-art schemes. The proposed scheme achieves the same communication cost as of SAKA-FC, whereas the difference in computation cost is 24%. This increase in computation cost is justifiable as the proposal is resistant to clogging attacks and provides better security than the prior schemes.