Title: A secure and efficient user authentication scheme for the web

Authors: Yassine Sadqi; Ahmed Asimi; Younes Asimi

Addresses: Departments of Mathematics and Computer Science, Faculty of Science, Information Systems and Vision Laboratory (LabSiV), Ibn Zohr University, B.P. 8106, City Dakhla, Agadir, Morocco ' Departments of Mathematics and Computer Science, Faculty of Science, Information Systems and Vision Laboratory (LabSiV), Ibn Zohr University, B.P. 8106, City Dakhla, Agadir, Morocco ' Departments of Mathematics and Computer Science, Faculty of Science, Information Systems and Vision Laboratory (LabSiV), Ibn Zohr University, B.P. 8106, City Dakhla, Agadir, Morocco

Abstract: User authentication is the 'Achilles heel' of modern web applications security. Although strong schemes based on public key cryptography have been proposed, none of them is widely adopted. Specifically, they are difficult to use and expensive to deploy. In this paper, we propose a new mutual authentication scheme, which is based on public key cryptography and other cryptographic primitives. Our analysis shows that our scheme is efficient, and improves authentication security without sacrificing usability and depolaybility. Moreover, our scheme can be combined with HTTPS to effectively add another layer of security to web applications. In so doing, we demonstrate that our scheme can significantly improve the security of web applications with minimal impact on performance.

Keywords: user authentication; mutual authentication; web application security; strong scheme; public key cryptography; cryptographic primitives; web apps.

DOI: 10.1504/IJITST.2015.073936

International Journal of Internet Technology and Secured Transactions, 2015 Vol.6 No.1, pp.43 - 63

Received: 11 Feb 2015
Accepted: 13 May 2015
Published online: 30 Dec 2015 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article