A Lightweight and Privacy-Preserving Authentication Protocol for Mobile Edge Computing
Pith reviewed 2026-05-24 18:49 UTC · model grok-4.3
The pith
A mutual authentication protocol for mobile edge computing uses elliptic curve cryptography and hashes to resist attacks with lower overhead than existing schemes.
A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.
Core claim
The authors present an efficient mutual authentication protocol for MEC based on elliptic curve cryptography, one-way hash functions, and concatenation operations. The protocol leverages discrete logarithm problems, computational Diffie-Hellman assumptions, random numbers, and timestamps to resist impersonation, replay, man-in-the-middle, and related attacks. Formal analysis and overhead comparisons establish that the scheme incurs relatively less communication and computational cost than current state-of-the-art proposals, making it suitable for resource-constrained MEC settings.
What carries the argument
The mutual authentication protocol built from elliptic curve cryptography, one-way hash functions, random numbers, and timestamps, with security resting on discrete logarithm and computational Diffie-Hellman hardness.
If this is right
- The protocol resists impersonation attacks, replay attacks, and man-in-the-middle attacks.
- Communication and computational overheads are lower than those of existing state-of-the-art schemes.
- The design is appropriate for adoption in resource-constrained MEC environments.
- Privacy is preserved through the use of random numbers and timestamps in decentralized MEC architectures.
Where Pith is reading between the lines
- The protocol could be deployed in vehicular networks where mobility adds further timing constraints not modeled in the paper.
- Real-world testing would need to check whether the formal security model misses implementation-specific leaks such as timing or power analysis.
- If overhead savings hold across more MEC workloads, the scheme could reduce energy use in battery-powered IoT edge devices.
Load-bearing premise
That resistance to listed attacks under abstract discrete-log and Diffie-Hellman assumptions remains intact once the protocol is coded and run on real MEC hardware subject to side channels and implementation errors.
What would settle it
A concrete implementation of the protocol in which an adversary successfully impersonates a legitimate party or in which measured communication and computation costs exceed those of at least one competing scheme under identical MEC workload conditions.
Original abstract
With the advent of the Internet-of-Things (IoT), vehicular networks and cyber-physical systems, the need for real-time data processing and analysis has emerged as an essential prerequisite for customers' satisfaction. In this direction, Mobile Edge Computing (MEC) provides seamless services with reduced latency, enhanced mobility, and improved location awareness. Since MEC has evolved from Cloud Computing, it inherited numerous security and privacy issues from the latter. Further, decentralized architectures and diversified deployment environments used in MEC platforms also aggravate the problem; causing great concerns for the research fraternity. Thus, in this paper, we propose an efficient and lightweight mutual authentication protocol for MEC environments; based on Elliptic Curve Cryptography (ECC), one-way hash functions and concatenation operations. The designed protocol also leverages the advantages of discrete logarithm problems, computational Diffie-Hellman, random numbers and time-stamps to resist various attacks, namely impersonation attacks, replay attacks, man-in-the-middle attacks, etc. The paper also presents a comparative assessment of the proposed scheme relative to the current state-of-the-art schemes. The obtained results demonstrate that the proposed scheme incurs relatively less communication and computational overheads, and is appropriate to be adopted in resource-constrained MEC environments.
Editorial analysis
A structured set of objections, weighed in public.
Referee Report
Summary. The paper proposes an efficient and lightweight mutual authentication protocol for Mobile Edge Computing (MEC) environments using Elliptic Curve Cryptography (ECC), one-way hash functions, and concatenation operations. It leverages discrete logarithm problems, computational Diffie-Hellman assumption, random numbers, and timestamps to claim resistance to impersonation, replay, man-in-the-middle, and other attacks. The paper also includes a comparative assessment showing lower communication and computational overheads suitable for resource-constrained MEC settings.
Significance. If the informal security arguments can be strengthened with formal proofs and the performance claims validated with concrete benchmarks, this work could contribute a practical authentication scheme for MEC, addressing security and privacy concerns in IoT and vehicular networks with reduced latency.
major comments (3)
- [Abstract] Abstract: The central claims of attack resistance (via DLP/CDH, randoms, timestamps) and lower overheads are asserted without any security proofs, formal analysis details, or concrete performance numbers provided in the text.
- [Security Analysis] Security analysis (inferred from abstract and skeptic note): Resistance to impersonation, replay, MITM etc. is supported only by informal case-by-case arguments; no security model is defined, no game-based reduction or simulation proof is given, and formal_verification=none.
- [Performance Comparison] Comparative assessment: No independent benchmarks or explicit metric definitions are supplied, leaving open the possibility that evaluation choices favor the new scheme by construction (circularity concern).
minor comments (1)
- Define all abbreviations (MEC, ECC, DLP, CDH) at first use for clarity.
Simulated Author's Rebuttal
We thank the referee for the constructive comments on our manuscript. We address each major comment below with clarifications on the existing content and our willingness to revise where appropriate. The security analysis uses standard informal arguments common to the field, and performance metrics follow established conventions, but we acknowledge opportunities to strengthen both.
Point-by-point responses
- Referee: [Abstract] Abstract: The central claims of attack resistance (via DLP/CDH, randoms, timestamps) and lower overheads are asserted without any security proofs, formal analysis details, or concrete performance numbers provided in the text.
Authors: The abstract is intended as a concise summary. The full manuscript details the informal security arguments based on DLP and CDH hardness assumptions, random nonces, and timestamps in the dedicated security analysis section, showing resistance to the listed attacks via case analysis. Concrete overhead calculations (communication in bits and computation in primitive operations) appear in the performance comparison section with explicit comparisons to prior schemes. We agree that the abstract itself does not include these details and can revise it to reference the sections more explicitly. revision: partial
- Referee: [Security Analysis] Security analysis (inferred from abstract and skeptic note): Resistance to impersonation, replay, MITM etc. is supported only by informal case-by-case arguments; no security model is defined, no game-based reduction or simulation proof is given, and formal_verification=none.
Authors: The manuscript presents informal security analysis by enumerating potential attacks and demonstrating how protocol elements (ECC operations, hashes, randoms, timestamps) prevent them under standard assumptions. This case-by-case approach is widely used in authentication protocol literature. We recognize the value of a formal security model with reductions and agree this would strengthen the work; we will incorporate a formal proof section in the revised manuscript. revision: yes
- Referee: [Performance Comparison] Comparative assessment: No independent benchmarks or explicit metric definitions are supplied, leaving open the possibility that evaluation choices favor the new scheme by construction (circularity concern).
Authors: The performance section defines communication overhead as the total bits exchanged in authentication messages and computational overhead as the count of hash, ECC multiplication, and addition operations, using standard costs from the literature for each primitive. These are applied uniformly to the proposed scheme and compared schemes to derive the reported lower overheads. While no runtime implementation benchmarks on specific hardware are included, the analytical method is transparent and not circular. We can add an explicit subsection defining the metrics and their sources in revision to eliminate any ambiguity. revision: partial
Circularity Check
No significant circularity detected
Full rationale
The paper proposes an ECC-based authentication protocol and supports its security claims via informal case-by-case arguments under standard assumptions (DLP, CDH). No equations, parameter fits, or self-citations are shown that reduce any central claim to its own inputs by construction. The comparative assessment against prior schemes is mentioned but supplies no metric definitions or evaluation choices that would qualify as fitted-input-called-prediction or renaming-known-result. The derivation chain is therefore self-contained and does not match any enumerated circularity pattern.
Axiom & Free-Parameter Ledger
axioms (2)
- domain assumption: Elliptic curve discrete logarithm problem is computationally intractable
- domain assumption: One-way hash functions are collision resistant