A2UA: An Auditable Anonymous User Authentication Protocol Based on Blockchain for Cloud Services

Regulating illegal activities in cyberspace to balance user privacy and cyberspace governance has been a non-trivial challenge when designing anonymous authentication solutions. For example, while several existing anonymous authentication protocols support accountability, they either risk leaking us...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on cloud computing 2023-07, Vol.11 (3), p.2546-2561
Main Authors: Lyu, Qiuyun, Li, Hao, Deng, Zhining, Wang, Jingyu, Ren, Yizhi, Zheng, Ning, Liu, Junliang, Liu, Huaping, Choo, Kim-Kwang Raymond
Format: Article
Language:English
Subjects:
Accountability
anonymous
Authentication
Blockchain
Blockchains
Cloud computing
cloud services
credit building
Cryptography
Cybersecurity
Privacy
Protocol
Protocols
Servers
Vehicle dynamics
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Regulating illegal activities in cyberspace to balance user privacy and cyberspace governance has been a non-trivial challenge when designing anonymous authentication solutions. For example, while several existing anonymous authentication protocols support accountability, they either risk leaking users' private keys or incur significant overhead for accountability in each ongoing authentication, including in cloud service-based authentication schemes. Seeking to address these limitations, this article proposes an auditable anonymous user authentication (A2UA) protocol based on blockchain for cloud services. The A2UA protocol mainly employs bilinear pairing, partial authentication factors, dynamic credits and fake-public keys (FPKs) to achieve anonymous mutual authentication between users and cloud service providers, and applies ring signature and blockchain to accomplish two-level accountability while maintaining user privacy. Our analysis results show that the A2UA protocol outperforms several other existing schemes in terms of security, computation and communication costs as well as security and privacy features. Additionally, it has good feasibility in terms of the Ethereum Gas cost as demonstrated in our evaluation.
ISSN:2168-7161
2372-0018
DOI:10.1109/TCC.2022.3216580