An efficient and robust one-time message authentication code scheme using feature extraction of iris in cloud computing

Abstract

Cloud computing suffers from a number of problems in terms of security issues. Authentication and integrity play an important role in the security field and numerous concerns have been raised to recognizeor protect any tampering with exchanges of text between two entities (sender and receiver) within the cloud environment. Many schemes in this area can be vulnerable to well known methods of attack such as replay attack, forgery attack, dictionary, insider, and modification attacks. A robust scheme is therefore required to detect or prevent any modification or manipulation of a message during transmission. In this paper, we propose a new message authentication code (MAC) based on feature extraction of the user's iris in order to assure the integrity of the user's message. Features are extracted from the user's iris to generate a message code for each user's login and to prohibit malicious attacks such as replay, forgery and insider attacks. Our proposed scheme enjoysseveral important security attributes such as a user's one time bio-key, robust message anonymity, data integrity for a user's message, phase key agreement, bio-key management,and one time message code for each user's session. Finally, our security analysis and experimental results demonstrate and prove the invulnerability and efficiency of our proposed scheme.