Innovative Remote user Authentication Protocol for Multi-Server Structural Design Based on ECC

We have achieved an era where preferred web services are accessible over the networks by click of a button. In such a situation, remote user authentication performs the most part in determining the genuine users of a web service on the World Wide Web. Scientists have suggested a number of security password centered authentication techniques which depend on single server for authentication. But, with remarkable improvements in technology, it is probable to interact with several web servers in authenticating their clients to experience greater protection. In this paper, we recommend an efficient security password centered authentication protocol for multiserver structure. The method provides common authentication using intelligent card and is depending on Elliptic Curve Cryptography, thus offers best protection at a low price. In 2011, Sood et al. suggested a multi-server structure protocol utilizing smart cards. In this papers, we enhance Sood et al. plan by improving its protection and decreasing the computation cost. The protocol is in accordance with the idea of powerful identification that uses a nonce centered system and has no time synchronization issue. DOI: 10.17762/ijritcc2321-8169.15062

Keys in the Clouds: Auditable Multi-device Access to Cryptographic Credentials

Personal cryptographic keys are the foundation of many secure services, but storing these keys securely is a challenge, especially if they are used from multiple devices. Storing keys in a centralized location, like an Internet-accessible server, raises serious security concerns (e.g. server compromise). Hardware-based Trusted Execution Environments (TEEs) are a well-known solution for protecting sensitive data in untrusted environments, and are now becoming available on commodity server platforms. Although the idea of protecting keys using a server-side TEE is straight-forward, in this paper we validate this approach and show that it enables new desirable functionality. We describe the design, implementation, and evaluation of a TEE-based Cloud Key Store (CKS), an online service for securely generating, storing, and using personal cryptographic keys. Using remote attestation, users receive strong assurance about the behaviour of the CKS, and can authenticate themselves using passwords while avoiding typical risks of password-based authentication like password theft or phishing. In addition, this design allows users to i) define policy-based access controls for keys; ii) delegate keys to other CKS users for a specified time and/or a limited number of uses; and iii) audit all key usages via a secure audit log. We have implemented a proof of concept CKS using Intel SGX and integrated this into GnuPG on Linux and OpenKeychain on Android. Our CKS implementation performs approximately 6,000 signature operations per second on a single desktop PC. The latency is in the same order of magnitude as using locally-stored keys, and 20x faster than smart cards.Comment: Extended version of a paper to appear in the 3rd Workshop on Security, Privacy, and Identity Management in the Cloud (SECPID) 201