Skip to main content
SpringerLink
Log in

Cloud Authentication Based on Anonymous One-Time Password

  • Conference paper
  • First Online:
Ubiquitous Information Technologies and Applications

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 214))

Abstract

Cloud computing contains many enterprise applications that require from each user to perform authenticate at first step. Then, he will gain a permit from the service provider to access resources at second step. The issue breach remains facing a modern computing model. A more secure scheme is the two-factor authentication (2FA) that requires a second factor (such as finger print, token) with username/password. Nevertheless, the feasibility of 2FA is largely limited by high device cost, malicious attack and the deployment complexity. In this paper, we propose a scheme of 2FA in cloud computing systems that depends on One-Time Password (OTP), Asymmetric Scalar-product Preserving Encryption (ASPE) and RSA digital signature as two factors. Furthermore, it overcomes aforementioned issues and does not require extra devices such as token device, card reader in smart card and scanner in physiological biometrics. The proposed scheme distinguishes to resist practical attacks, high-security level, anonymous password, mutual authentication, identity management, the cloud server and a user can establish authenticated session keys, reduces the cost, and good performance.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appl. 34(1), 1–11 (2011)

    Article  Google Scholar 

  2. Lamport, L.: Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)

    Article  MathSciNet  Google Scholar 

  3. Jan, J.K., Chen, Y.Y.: ‘Paramita wisdom password’ authentication scheme without verification tables. J. Syst. Softw. 42(1), 45–57 (1998)

    Article  Google Scholar 

  4. Shin, S., Kobara, K., Imai, H.: A secure construction for threshold anonymous password-authenticated key exchange. IEICE Trans. Fundam. E91-A(11), 3312–3323 (2008)

    Google Scholar 

  5. Fred, C.: Security attack safe mobile and cloud-based one-time password tokens using rubbing encryption algorithm. Mobile Netw. Appl. 16(3), 304–336 (2011)

    Article  Google Scholar 

  6. Yassin, A.A., Jin, H., Ibrahim, A., Qiang, W., Zou, D.: Efficient password-based two factors authentication in cloud computing. Int. J. Secur. Appl. 6(2), 143–148 (2012)

    Google Scholar 

  7. Cho, E., Ghinita, G., Bertino, E.: Privacy-preserving similarity measurement for access control policies. In: Proceeding of the 6th ACM Workshop on Digital Identity Management, pp. 3–11. ACM Press, Chicago, USA (2010)

    Google Scholar 

  8. Forouzan, B.A.: Cryptography and Network Security. McGraw-Hill companies, Boston (2008)

    Google Scholar 

  9. Chien, H.Y., Jan, J.K., Tseng, Y.M.: A modified remote login authentication scheme based on geometric approach. J. Syst. Softw. 55(3), 287–290 (2001)

    Article  MathSciNet  Google Scholar 

  10. Shimizu, A.: A dynamic password authentication method by one-way function. IEICE Trans. Inf. Syst. 22(7), 630–636 (1990)

    Google Scholar 

  11. Mizuno, S., Yamada, K.T.: Authentication using multiple communication channels. In: Proceeding of ACM Workshop on Digital Identity Management, pp. 54–62. ACM Press, Alexandria, VA, USA (2005)

    Google Scholar 

  12. Zhu, J., Ma, J.: A new authentication scheme with anonymity for wireless environments. IEEE Trans. Consumer Electron. 50(1), 230–234 (2004)

    MathSciNet  Google Scholar 

  13. Wang, Y., Liu, J., Xiao, F., Dan, J.: A more efficient and secure dynamic id-based remote user authentication scheme. Comput. Commun. 32(4), 583–585 (2009)

    Article  Google Scholar 

  14. Pathan, A.K., Hong, C.S., Suda, T.: A novel and efficient bilateral remote user authentication scheme using smart cards. In: Proceeding of IEEE International Conference on Consumer Electronics, pp. 1–2. IEEE Press, Las Vegas, NV, USA (2007)

    Google Scholar 

  15. Das, M.L., Saxena, A., Gulati, V.P.: A dynamic ID-based remote user authentication scheme. IEEE Trans. Consumer Electron. 50(2), 629–631 (2004)

    Article  Google Scholar 

Download references

Acknowledgments

The work is supported by National High-tech R&D Program (863 Program) under grant No.2012AA012600, National Science and Technology Major Project of Ministry of Science and Technology of China under grant No.2010ZX-03004-001-03, and Wuhan City Programs for Science and Technology Development under grant No.201010621211.

Author information

Authors and Affiliations

  1. Services Computing Technology and System Lab, Cluster and Grid Computing Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China

    Ali A. Yassin, Hai Jin, Ayad Ibrahim, Weizhong Qiang & Deqing Zou

Authors
  1. Ali A. Yassin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hai Jin
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ayad Ibrahim
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Weizhong Qiang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Deqing Zou
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hai Jin .

Editor information

Editors and Affiliations

  1. and Education, Computer Science and Engineering, Korea University of Technology, Chungjeolno, Byeongchun 1600, CheonAn, 330-861, Korea, Republic of (South Korea)

    Youn-Hee Han

  2. , Division of Computer Science and Enginee, SoonChunHyang University, Sinchang, Chungnam, 336-745, Korea, Republic of (South Korea)

    Doo-Soon Park

  3. , Dept of Computer Science, City University of Hong Kong, Tat Chee Avenue, Kowloon, 83, Hong Kong SAR

    Weijia Jia

  4. , Division of Computer Engineering, Mokwon University, Do-An-Buk-Ro 88, Daejeon, 302-729, Korea, Republic of (South Korea)

    Sang-Soo Yeo

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer Science+Business Media Dordrecht

About this paper

Cite this paper

Yassin, A.A., Jin, H., Ibrahim, A., Qiang, W., Zou, D. (2013). Cloud Authentication Based on Anonymous One-Time Password. In: Han, YH., Park, DS., Jia, W., Yeo, SS. (eds) Ubiquitous Information Technologies and Applications. Lecture Notes in Electrical Engineering, vol 214. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-5857-5_46

Download citation

  • DOI: https://doi.org/10.1007/978-94-007-5857-5_46

  • Published:

  • Publisher Name: Springer, Dordrecht

  • Print ISBN: 978-94-007-5856-8

  • Online ISBN: 978-94-007-5857-5

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation