Enhanced Image Based Authentication with Secure Key Exchange Mechanism Using ECC in Cloud

  • Anurag Singh Tomar
  • Shashi Kant ShankarEmail author
  • Manmohan Sharma
  • Aditya Bakshi
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 625)


Cloud computing is the most emerging trend in computing. It provides numerous services like IaaS, PaaS and AaaS. It is a form of pay-per-use based computing. Although it provides tremendous services but there are numerous security issues which need to be resolved. User authentication in cloud computing is the most important step intended towards data security. Image-based authentication is one of the best techniques for user authentication based on the order of selected images. However, key exchange and data encryption in such a complex environment is very difficult to implement. Proposed scheme resolves existing issues of Image based Authentication with Secure key Exchange Mechanism and implements Captcha to detect machine user and Elliptic Curve Cryptography (ECC) for secure key exchange. ECC is the best asymmetric cryptographic algorithm which involves very less key size and computing steps. Hence, it provides a secure layer to cloud computing which deals with user authentication, key exchange and data encryption.


Image based authentication ECC Cloud CSP Captcha Session key exchange 


  1. 1.
    Tomar, A.S., Tak, G.K., Chaudhary, R.: Image based authentication with secure key exchange mechanism in cloud. In: International Conference on Medical Imaging, m-Health and Emerging Communication Systems (MedCom), pp. 428–431 (2014)Google Scholar
  2. 2.
    Mohamed, A., Grundy, J., Ibrahim, A.S.: Adaptable, model-driven security engineering for SaaS cloud-based applications. Autom. Softw. Eng. 21, 187–224 (2013). SpringerGoogle Scholar
  3. 3.
    Du, Y., Zhang, R., Li, M.: Research on a security mechanism for cloud computing based on virtualization. Telecommun. Syst. 53, 19–24 (2013). SpringerMathSciNetCrossRefGoogle Scholar
  4. 4.
    Edurado, F.B., Monge, R., Hashizume, K.: Building a security reference architecture for cloud systems. Requirements Eng. 21, 1–25 (2015). SpringerGoogle Scholar
  5. 5.
    Jin, H., Dong, M., Ota, K., Fan, M., Wang, G.: NetSecCC: a scalable and fault tolerant architecture for cloud computing security. Peer-to-Peer Netw. Appl. 9, 1–15 (2014). SpringerGoogle Scholar
  6. 6.
    Hu, P., Sung, C.W., Ho, S., Chan, T.H.: Optimal coding and allocation for perfect secrecy in multiple clouds. Inf. Forensics Secur. 11, 388–399 (2014). IEEECrossRefGoogle Scholar
  7. 7.
    Junwon, L., Cho, J., Seo, J., Shon, T., Won, D.: A novel approach to analyzing for detecting malicious network activity using a cloud computing testbed. Mob. Netw. Appl. 18, 122–128 (2012). SpringerGoogle Scholar
  8. 8.
    Jin, L., Li, Y.K., Chen, X., Lee, P.P.C., Lou, W.: A hybrid cloud approach for secure authorized deduplication. IEEE Trans. Parallel Distrib. Syst. 26, 1206–1216 (2014)Google Scholar
  9. 9.
    Rahat, M., Shibli, M.A., Niazi, M.A.: Cloud identity management security issues and solutions: a taxonomy. Complex Adapt. Syst. Model. 2, 1–37 (2014). SpringerCrossRefGoogle Scholar
  10. 10.
    Seungmin, R., Chang, H., Kim, S., Lee, Y.S.: An efficient peer-to-peer distributed scheduling for cloud and grid computing. Peer-to-peer Networking Appl. 8, 863–871 (2014). SpringerGoogle Scholar
  11. 11.
    Li, Q., Han, Q., Sun, L.: Collaborative recognition of queuing behavior on mobile phones. IEEE Mob. Comput. 15, 60–73 (2014)CrossRefGoogle Scholar
  12. 12.
    Tak, G.K., Badge N., Manwatkar, P., Rangnathan, A., Tapaswi, S.: Asynchronous anti phishing image captcha approach towards phishing. In: International Conference on Future Computer and Communication, vol. 3, pp. 694–698. IEEE (2010)Google Scholar
  13. 13.
    Malhotra, K., Gardner, S., Patz, R.: Implementation of elliptic-curve cryptography on mobile healthcare devices. In: International Conference on Networking, Sensing and Control, pp. 239-244. IEEE (2007)Google Scholar
  14. 14.
    Tomar, A.S., Jaidhar, C.D., Tapaswi, S.: Secure session key generation technique for group communication. Int. J. Inf. Electron. Eng. 2, 831–834 (2012)Google Scholar
  15. 15.
    Shankar, S.K., Tomar, A.S., Tak, G.K.: Secure medical data transmission by using ECC with mutual authentication in WSNs. In: 4th International Conference on Eco-Friendly Computing and Communication Systems (ICECCS), pp. 455–461. Elsevier (2015) Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2016

Authors and Affiliations

  • Anurag Singh Tomar
    • 1
  • Shashi Kant Shankar
    • 2
    Email author
  • Manmohan Sharma
    • 3
  • Aditya Bakshi
    • 3
  1. 1.UPESDehradunIndia
  2. 2.Shiv Nadar UniversityGreater NoidaIndia
  3. 3.Lovely Professional UniversityPhagwaraIndia

Personalised recommendations