Fog computing can effectively provide a variety of application support for the fast-growing number of Internet of Things devices. However, the unique characteristics of fog computing also bring new security problems, especially the identity authentication in fog computing will face new challenges: Low latency (cloud servers should not be involved in authentication); fog servers are not completely trusted; robustness (no user reregistration is required when a fog server leaves fog) and lightweight (fog devices have constrained resources). In order to solve these problems faced by identity authentication in fog computing, we propose an authentication scheme suitable for fog computing environment, which implements mutual authentication between fog users and fog devices with the cooperation of incompletely trusted fog servers. Formal security analysis using the extended real-or-random (ROR) model shows that the proposed scheme is provably secure, and informal security analysis shows that the proposed scheme can resist known attacks. Compared with existing schemes, the proposed scheme supports more functionality features. In addition, a comparative analysis of the communication costs and calculation costs of various schemes shows that our scheme is more suitable for application in fog computing environment than the existing schemes.

• 单位
  中国科学院; 中国科学院研究生院