Anonymous Password Authentication Scheme by Using Digital Signature and Fingerprint in Cloud Computing

• Published in: 2012 International Conference on Cloud and Green Computing pp. 282 - 289
• Main Authors: Yassin, A. A., Hai Jin, Ibrahim, A., Deqing Zou
• Format: Conference Proceeding
• Language: English
• Published: IEEE 01.11.2012
• Subjects: Authentication; cloud authentication; Cloud computing; Cryptography; Digital signatures; Feature extraction; fingerprint; password authentication; Schnorr digital signature; Servers; service provider
• ISBN: 1467330272; 9781467330275
• DOI: 10.1109/CGC.2012.91

Cloud security represents a main hindrance that causes to retard its widespread adoption. Authentication considers a significance element of security in cloud environment, aiming to verify a user's identity when a user wishes to request services from cloud. There are many authentication schemes that depend on username/password, but they are considered weak techniques of cloud authentication. A more secure scheme is the two-factor authentication that does not only verify the username/password pair, but also needs a second factor such as a token device, biometric. However, the feasibility of second-factor authentication is limited by the deployment complexity, high cost and the cloud security is compromised when the token is missing or purloined. Furthermore, these schemes are failed to resist well-known attacks such as replay attacks, reflection attacks. This paper proposes two-factor authentication scheme based on Schnorr digital signature and feature extraction from fingerprint to overcome above aforementioned issues. Security analysis and experimental results illustrate that our proposed scheme can withstand the common security attacks as well, and has a good performance of password authentication.