Cloud Authentication Based on Anonymous One-Time Password
Cloud computing hosts many enterprise applications that require each user to authenticate as a first step and then, as a second step, to obtain permission from the service provider to access resources. Breaches remain an issue facing this modern computing model. Two-factor authentication (2FA), which requires a second factor (such as a fingerprint or token) in addition to the username/password, is a more secure scheme. Nevertheless, the feasibility of 2FA is largely limited by high device cost, malicious attacks, and deployment complexity. In this paper, we propose a 2FA scheme for cloud computing systems that depends on One-Time Password (OTP), Asymmetric Scalar-product Preserving Encryption (ASPE), and RSA digital signature as two factors. It overcomes the aforementioned issues and does not require extra devices such as a token device, a smart-card reader, or a scanner for physiological biometrics. The proposed scheme is distinguished by resistance to practical attacks, a high security level, anonymous passwords, mutual authentication, identity management, establishment of authenticated session keys between the cloud server and a user, reduced cost, and good performance.
Keywords: Cloud authentication; One-time password; Security attacks; Mutual authentication
The work is supported by National High-tech R&D Program (863 Program) under grant No.2012AA012600, National Science and Technology Major Project of Ministry of Science and Technology of China under grant No.2010ZX-03004-001-03, and Wuhan City Programs for Science and Technology Development under grant No.201010621211.