Research on remote user authentication technology in cloud environment

Research on remote user authentication technology in cloud environment

Lanzhou University of Technology Han Wei

This paper presents a dynamic password authentication scheme based on ECC for cloud environment. This scheme is based on two sides of cloud user and cloud service provider to realize two-way authentication. By using elliptic curve cryptography, the protection of password is enhanced, the function of password modification is increased, and it can resist many kinds of attack methods such as replay attack, man-in-the-middle attack, privileged insider attack, pseudo attack, Denial-of-service attack, The security of the scheme is improved. Compared with the existing cloud authentication scheme, it is found that the scheme is easy to operate and enhances the protection of password. At the same time, it also improves the security and efficiency of cloud authentication technology. In a mixed cloud environment, cloud users in different public cloud registration results in the need to remember a large number of user names and passwords, while the public cloud needs to maintain a large number of user registration information, increased its burden. This method is not convenient, but also increases the management cost of the public cloud, and the user registry in the public cloud is very easy to be an attacker's target, the security of the system is relatively low. To solve this problem, a 3PAKE cross Cloud authentication protocol based on ECC for hybrid cloud environment is proposed in this paper. In this scheme, the cloud user realizes the efficient two-way authentication with the public cloud with the help of the private cloud, and generates the session key after the two sides authentication completes. Under the stochastic Prediction model, it is proved that the Protocol has forward security, and can resist stealing authentication meta attack, password guessing attack, fake attack and modification attack. Compared with other schemes, it is found that the protocol has some advantages in efficiency and security. The scheme not only reduces the burden of public cloud, but also reduces the security requirements for public cloud, and is suitable for a mixed cloud environment with a large amount of users.

Research on remote user authentication technology in cloud environment