Cloud Authentication Based on Anonymous One-Time Password

  • Ali A. Yassin
  • Hai Jin
  • Ayad Ibrahim
  • Weizhong Qiang
  • Deqing Zou
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 214)


Cloud computing contains many enterprise applications that require from each user to perform authenticate at first step. Then, he will gain a permit from the service provider to access resources at second step. The issue breach remains facing a modern computing model. A more secure scheme is the two-factor authentication (2FA) that requires a second factor (such as finger print, token) with username/password. Nevertheless, the feasibility of 2FA is largely limited by high device cost, malicious attack and the deployment complexity. In this paper, we propose a scheme of 2FA in cloud computing systems that depends on One-Time Password (OTP), Asymmetric Scalar-product Preserving Encryption (ASPE) and RSA digital signature as two factors. Furthermore, it overcomes aforementioned issues and does not require extra devices such as token device, card reader in smart card and scanner in physiological biometrics. The proposed scheme distinguishes to resist practical attacks, high-security level, anonymous password, mutual authentication, identity management, the cloud server and a user can establish authenticated session keys, reduces the cost, and good performance.


Cloud authentication One-time password Security attacks Mutual authentication 



The work is supported by National High-tech R&D Program (863 Program) under grant No.2012AA012600, National Science and Technology Major Project of Ministry of Science and Technology of China under grant No.2010ZX-03004-001-03, and Wuhan City Programs for Science and Technology Development under grant No.201010621211.


  1. 1.
    Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appl. 34(1), 1–11 (2011)CrossRefGoogle Scholar
  2. 2.
    Lamport, L.: Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)MathSciNetCrossRefGoogle Scholar
  3. 3.
    Jan, J.K., Chen, Y.Y.: ‘Paramita wisdom password’ authentication scheme without verification tables. J. Syst. Softw. 42(1), 45–57 (1998)CrossRefGoogle Scholar
  4. 4.
    Shin, S., Kobara, K., Imai, H.: A secure construction for threshold anonymous password-authenticated key exchange. IEICE Trans. Fundam. E91-A(11), 3312–3323 (2008)Google Scholar
  5. 5.
    Fred, C.: Security attack safe mobile and cloud-based one-time password tokens using rubbing encryption algorithm. Mobile Netw. Appl. 16(3), 304–336 (2011)CrossRefGoogle Scholar
  6. 6.
    Yassin, A.A., Jin, H., Ibrahim, A., Qiang, W., Zou, D.: Efficient password-based two factors authentication in cloud computing. Int. J. Secur. Appl. 6(2), 143–148 (2012)Google Scholar
  7. 7.
    Cho, E., Ghinita, G., Bertino, E.: Privacy-preserving similarity measurement for access control policies. In: Proceeding of the 6th ACM Workshop on Digital Identity Management, pp. 3–11. ACM Press, Chicago, USA (2010)Google Scholar
  8. 8.
    Forouzan, B.A.: Cryptography and Network Security. McGraw-Hill companies, Boston (2008)Google Scholar
  9. 9.
    Chien, H.Y., Jan, J.K., Tseng, Y.M.: A modified remote login authentication scheme based on geometric approach. J. Syst. Softw. 55(3), 287–290 (2001)MathSciNetCrossRefGoogle Scholar
  10. 10.
    Shimizu, A.: A dynamic password authentication method by one-way function. IEICE Trans. Inf. Syst. 22(7), 630–636 (1990)Google Scholar
  11. 11.
    Mizuno, S., Yamada, K.T.: Authentication using multiple communication channels. In: Proceeding of ACM Workshop on Digital Identity Management, pp. 54–62. ACM Press, Alexandria, VA, USA (2005)Google Scholar
  12. 12.
    Zhu, J., Ma, J.: A new authentication scheme with anonymity for wireless environments. IEEE Trans. Consumer Electron. 50(1), 230–234 (2004)MathSciNetGoogle Scholar
  13. 13.
    Wang, Y., Liu, J., Xiao, F., Dan, J.: A more efficient and secure dynamic id-based remote user authentication scheme. Comput. Commun. 32(4), 583–585 (2009)CrossRefGoogle Scholar
  14. 14.
    Pathan, A.K., Hong, C.S., Suda, T.: A novel and efficient bilateral remote user authentication scheme using smart cards. In: Proceeding of IEEE International Conference on Consumer Electronics, pp. 1–2. IEEE Press, Las Vegas, NV, USA (2007)Google Scholar
  15. 15.
    Das, M.L., Saxena, A., Gulati, V.P.: A dynamic ID-based remote user authentication scheme. IEEE Trans. Consumer Electron. 50(2), 629–631 (2004)CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media Dordrecht 2013

Authors and Affiliations

  • Ali A. Yassin
    • 1
  • Hai Jin
    • 1
  • Ayad Ibrahim
    • 1
  • Weizhong Qiang
    • 1
  • Deqing Zou
    • 1
  1. 1.Services Computing Technology and System Lab, Cluster and Grid Computing Lab, School of Computer Science and TechnologyHuazhong University of Science and TechnologyWuhanChina

Personalised recommendations