Cloud Access and Storage Security by Using Elgamal Negative Passwords

Abstract

Secure password storage is a in systems major fact based on password authentication, which has been widely used in authentication technique. Proposing a password authentication framework that is designed for secure password storage and it can be easily integrated into existing authentication systems. First, the received plain password from a client side is hashed using a cryptographic hash function.Then, hashed password is converted into a negative password. Finally, the received negative password is encrypted into an Encrypted Negative Password (abbreviated as ENP) using a symmetric-key algorithm.Using multi-iteration encryption could be employed to further improve security. Both the cryptographic hash function and symmetric encryption make it difficult to crack passwords from ENPs. . The Elgamal is a asymmetric encryption algorithm that  uses a pair of public key and a private key to encrypt and decrypt messages when communicating. Most importantly, the ENP is the first password protection scheme that combines the cryptographic hash function, the negative database and the Elgamal Algorithm. This Encrypted Negative Password system still can resist the precomputation attacks. Thus by securing the cloud servers with negative password system, all these vulnerabilities can be reduced.