Out-of-band authentication using image-based one time password in the cloud environment

Abstract

Authentication can be considered as the first wall of protection from unauthorized access of any system and most notably cloud environment. Its aim is to verify user's identity and thus the user's legitimacy of access to services. Nowadays, The most used method for policing user access is text password. However, Several studies have shown the inadequacy of this method due to the growth of network threats. In order to mitigate the deficiency of text password scheme, we propose an image-based one-time password scheme for the cloud environment called (imOTPc). The scheme uses an image as one-time password and mobile network, which makes the system more robust and, therefore, can withstand common types of attacks. The security of the proposed scheme is based on the one-way hash function, secret extraction and the IMEI.