A Secure Authentication Scheme for Mobile Cloud Computing Against CCA

Authentication schemes employing identity-based encryption are widely used in mobile cloud computing environments. It enables users to get umpteen services from different cloud servers by registering only once with a third-party. However, in existing schemes, the security against chosen-ciphertext attacks and malicious private key generator is not well-considered. These security pitfalls may cause security and privacy issues in some application scenarios since an active attacker can send a number of adaptively chosen ciphertext and tries to distinguish the target ciphertext; succeeds may cause the exposure of the underlying secret key. In this paper, we propose a secure and efficient authentication scheme for mobile cloud computing with security against chosen-ciphertext attacks and malicious private key generator based on adaptive one-wayness trapdoor function and learning-parity with noise hardness assumption. Our comprehensive security proof demonstrates that our scheme is indistinguishable against chosen-ciphertext attacks.