A Secure Mutual authentication approach to fog computing environment

Fog computing is a new emerging technology that complements the cloud and extends the services of cloud computing to be doser to the end devices. The cloud is usually located far from the devices which use their services and some of the recent research suggests that using a fog server as a nearby lightweight middleware can bridge the gap and provides rich resources doser to the end devices. Security is a crucial factor for the appropriate function-ing of fog computing. In particular, authentication and key exchange are significant chal-lenges which need to be taken into consideration in fog computing. Ensuring secure mutual authentication is very important for the security of fog computing since fog servers provide services to number of end users. However, the existing mutual authentication schemes are either having large computational overheads or are not able to achieve secure mutual au-thentication. In this paper, we propose a fog-based mutual authentication scheme using low-cost primitives such as Elliptic Curve Cryptography (ECC) and one-way hash functions. We also present the formal security analysis of our authentication approach to show that it protects all the interacting entities against various known cyber attacks. In addition, we vali-date our authentication scheme using the SPAN of AVISPA tool to confirm that it protects end users against several attacks. We evaluate our proposed authentication approach by com-paring it against state-of-the-art authentication schemes. Finally, through a case study and performance evaluation, we illustrate that our approach provides a secure and lightweight mutual key exchange protocol between three parties: the cloud, fog and edge devices. (c) 2021 Elsevier Ltd. All rights reserved.