A Privacy-Preserved E2E Authenticated Key Exchange Protocol for Multi-Server Architecture in Edge Computing Networks

Edge computing has played an important role in enabling 5G technology which supports a great number of connected narrow-band IoT devices. In an edge computing architecture enabled with global mobile network, edge or IoT devices are wirelessly connected to the edge of the network. Data acquisition and processing will be handled at or close to the edge of the network in a distributed way. Since edge computing is a heterogeneous distributed interactive system with multiple domains and entities, it might suffer from potential attacks and threats. To provide a trusted edge computing, there must have a robust scheme that allows all participants to mutually authenticate in a secure and privacy-preserved way. With the rapid development of IoT technologies, mobile networks and edge computing architecture, single server has been unable to meet the needs of users. In this paper, we propose a privacy-preserved end-to-end password-based authenticated key exchange protocol for multi-server architecture in edge computing networks. Our protocol allows an end user to use an easy-to-remember password to login to the server, then through foreign agent compute a shared key with another end user for specific use of services. The proposed protocol provides strong user anonymity during communication process. Besides, the proposed protocol is proved to be secure using BAN logic and AVISPA tool. Furthermore, performance analysis shows that the proposed protocol gains stronger security and better computational efficiency. Providing lightweight computation with short key size of ECC, our work is a solution to lower latency and improve efficiency in edge computing networks.