Password authentication using AES and SHA in Cloud Environment for two Servers

Authors: Mrunal Nikam, Chhaya Nayak

Certificate: View Certificate

Abstract

Abstract: Password-authenticated key exchange (PAKE) is where a client and a server, who share a password, authenticate each other and meanwhile establish a cryptographic key by exchange of messages. In this setting, all the passwords necessary to authenticate clients are stored in a single server. If the server is compromised, due to, for example, hacking or even insider attacks, passwords stored in the server are all disclosed. In this paper, we consider a scenario where two servers cooperate to authenticate a client and if one server is compromised, the attacker still cannot pretend to be the client with the information from the compromised server. The proposed work continues the line of research on the two-server paradigm in, extend the model by imposing different levels of trust upon the two servers, and adopt a very different method at the technical level in the protocol design. The proposed scheme is a password-only system in the sense that it requires no public key cryptosystem and, no PKI. The paper work, generalize the basic two-server model to architecture of a single back-end server supporting multiple frontend servers and envision interesting applications in federated enterprises. In the given authentication schema we also use SMS integration API for two step verification like Gmail, it will provide the additional security to end user. Keywords: Virtual Machine, CloudSim, Load Balancing, Task Scheduling, Round Robin, Shortest Job First

Introduction

Cloud computing has grown an adoptable technology for many of the organizations which consists of dynamic scalability and entry to virtualized resources being a service with the Internet [1]. Impair computing, as an emerging calculating paradigm, enables customers to remotely shop their data inside a cloud, so as to enjoy solutions on-demand. Impair calculating identifies a brand new Internet-based that solutions to raise the particular use in addition to distribution model, typically concerning the World-wide-web to deliver energetic in addition to scalable and infrequently virtualized resources [2]. Fig. 1 indicates the particular construction associated with impair calculating. Impair will be the huge calculating system automatically split into a lot of scaled-down subroutines, in addition to then by means of multiple server techniques composing of a substantial lookup, computation in addition to evaluation after the outcomes back towards consumer. With this technology, the particular remote control supplier can certainly throughout a few seconds to achieve tens associated with thousands as well as handle huge amounts of us dollars associated with data for you to and the "super computer" the same highly effective effectiveness associated with system solutions [3]. It is going to likely employ a major impact on the particular large storage space later on. Nowadays, the phrase “cloud computing” may be a vital period on earth associated with IT.

Conclusion

In this system, we have accessible a symmetric protocol for two-server password-only authentication and key exchange.Security analysis has shown that our protocol is secure against passive and active attacks just in case that one between the two servers is compromised. Performance analysis has shown that our protocol is a lot of economical than existing system.