Efficient and Secure Mutual Authentication Scheme in Cloud Computing
Ali A.Yassin1, Hikmat Z. Neima2, Zaid Ameen Abduljabbar3, Haider Sh.Hashim4
1Ali A. Yassin, Computer Science Dept, Education College, Basrah University, Basrah, Iraq.
2Hikmat Z. Neima, Computer Science Dept, Science College, Basrah University, Basrah, Iraq.
3Zaid Ameen Abduljabbar, Computer Science Dept, Education College, Basrah University, Basrah, Iraq.
4Haider Sh. Hashim, Computer Science Dept, Education College, Basrah University, Basrah, Iraq.
Manuscript received on September 20, 2013. | Revised Manuscript received on October 12, 2013. | Manuscript published on October 30, 2013. | PP: 133-139  | Volume-3, Issue-1, October 2013. | Retrieval Number:  A2185103113/2013©BEIESP

Open Access | Ethics and Policies | Cite
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)

Abstract: Nowadays, cloud computing considers an important topic for small, medium and large e-commences alike. The security is a constitutive trouble that hinders its widespread adoption. The password authentication is a first level of security in cloud computing, aiming to guarantee that only legitimate users are allowed to be used data that stored in the cloud server. The demeanor of multi-factor authentication schemes such as token, biometric provided a promising password authentication solution. There are many challenging matters that raise fears of using multi-factor are the high cost, not easy to carry, does not provide the functionalities of revocation, and fails to resist well-known attacks such as off-line guessing password, Man-in-the-Middle (MITM) Seed-tracing. In this paper, we propose a scheme of Two-Factor Authentication (2FA) that overcomes aforementioned issues and reduces the cost. We use Zero-Knowledge and One-Time Password (OTP) to implement a Cloud-based two-factor authentication as a design paradigm. Our proposed scheme includes many security characteristics like mutual authentication, user anonymity, session key agreement, freely chosen password, no time synchronization, and has a good performance of password authentication.
Keywords: Cloud computing, Mutual Authentication, Zero-knowledge proof, Service provider, One-time password.