Cryptanalysis of User Authentication Scheme for Public Cloud Server
摘要
Public cloud servers have become a energy efficient fundamental component of modern computing, providing flexible and scalable resources to a wide range of users. However, ensuring the security of data stored in the public cloud is still a serious concern. Authentication protocols are essential for ensuring secure access to cloud resources. The Authentication and Key Agreement (AKA) system is frequently used for this purpose. In this study, we conducted a comprehensive cryptanalysis of the authentication scheme for public cloud server which was recently proposed by Khan et al. in 2023. Through meticulous examination, we discovered flaws in the areas of perfect forward secrecy, susceptibility to Denial of Service (DoS) attacks, lack of timestamp usage, and susceptibility to replay attacks.