Security analysis of a cloud authentication protocol using applied pi calculus
by Andrea Huszti; Norbert Oláh
International Journal of Internet Protocol Technology (IJIPT), Vol. 12, No. 1, 2019

Abstract: Nowadays cloud computing is the most promising model within information technology. One of the most important issues is to achieve secure user authentication. Vulnerability of an authentication protocol results in successful attacks against confidentiality and integrity of user data stored and processed in the cloud. In our suggested protocol a person uses a static password and a one-time password for identity verification. Shared control among the cloud servers is provided by applying a Merkle-tree for storing one-time passwords distributed. A security analysis is carried out in case of outsider adversaries. We show that our authentication protocol fulfils typical security requirements of a key exchange protocol, i.e., authentication of the participants, key secrecy, key freshness and confirmation that both parties know the new key in the Dolev-Yao model.

Online publication date: Mon, 25-Mar-2019

The full text of this article is only available to individual subscribers or to users at subscribing institutions.

Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.

Pay per view:
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.

Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Internet Protocol Technology (IJIPT):
Login with your Inderscience username and password:

    Username:        Password:         

Forgotten your password?

Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.

If you still need assistance, please email