Abstrait

Single Sign-On Secure Authentication Password Mechanism

Deepali M. Devkate, N.D.Kale

This mechanism allows users to sign on only once and have their identities automatically verified by each application or service they want to access afterwards. Most of application architectures required the user to memorized and utilize a different set of credentials (e.g. username/password or tokens) for each application. The Single sign-on (SSO) is a new authentication mechanism that enables a legal user with a single credential to be authenticated by service providers in distributed computer networks. Impersonation attack and session attack these are the weak points of existing system the “credential recovering attack” compromises the credential privacy in the scheme as a malicious service provider is able to recover the credential of a legal user. The other attack, an “impersonation attack without credentials” demonstrates resources and services offered by service providers may be able to access without authentication by malicious users.In this propose scheme, to preserve credential generation privacy, the trusted authority signs a Schnorr signature on user identity; and to protect credential privacy and soundness, the user exploits his/her id as a signing key to sign a Schnorr signature on the hashed Session key. And by using Advance Encryption Standard key exchange and identification is secure.

Avertissement: Ce résumé a été traduit à l'aide d'outils d'intelligence artificielle et n'a pas encore été examiné ni vérifié