Abstract
The rapid growth of Cloud Infrastructure (CI) has enabled advancements across domains such as healthcare, finance, and industrial automation. However, sensitive data in CI remains is vulnerable to various threats such as replay attacks, man-in-the-middle attacks, impersonation, and credential theft, especially over public networks. To address these challenges in this paper, a Secure Multi-Phase Authentication Protocol for Cloud Infrastructure (SMPA-CI) based on Elliptic Curve Cryptography has been proposed. The proposed protocol incorporates four phases such as system initialization, user registration, login authentication, and secure password update, where each employs lightweight cryptographic techniques, including digital signatures, elliptic curve-based key exchange, and hash functions. Unlike conventional authentication schemes, SMPA-CI emphasizes mutual authentication, user anonymity, and resistance to prevalent attack vectors, while maintaining efficiency suitable for resource-constrained devices. Experimental results demonstrate that SMPA-CI reduces computational cost by up to 18%, lowers communication overhead by 15%, and decreases authentication latency compared to existing ECC-based schemes. These results highlight the novelty and practicality of SMPA-CI in achieving a secure, scalable, and performance-aware authentication framework for modern cloud infrastructures.