Next Article in Journal
Securing Additive Manufacturing with Blockchains and Distributed Physically Unclonable Functions
Next Article in Special Issue
Implementation of a New Strongly-Asymmetric Algorithm and Its Optimization
Previous Article in Journal
Power Side-Channel Attack Analysis: A Review of 20 Years of Study for the Layman
Previous Article in Special Issue
An Alternative Diffie-Hellman Protocol
Open AccessArticle

Security and Performance of Single Sign-on Based on One-Time Pad Algorithm

by *,†,‡ and
Department of Information Science, Tokyo University of Science, Yamazaki 2641, Noda, Chiba 278-8510, Japan
*
Author to whom correspondence should be addressed.
Research Fellow of Japan Society for the Promotion of Science.
These authors contributed equally to this work.
Cryptography 2020, 4(2), 16; https://doi.org/10.3390/cryptography4020016
Received: 13 April 2020 / Revised: 28 May 2020 / Accepted: 9 June 2020 / Published: 12 June 2020
(This article belongs to the Special Issue Cryptographic Protocols 2020)
Single sign-on (SSO) techniques allow access control for multiple systems with a single login. The aim of our study is to construct an authentication algorithm that provides the authentication information of a user to a requester without requiring any specific token, thereby achieving domain-free access control. In this study, we propose an authentication algorithm for SSO based on a verifiable encryption (VE)-based authentication algorithm and implementation. VE is a kind of cryptosystem that allows calculation on cyphertexts, generating an encrypted result, which matches the distance between two plaintexts when decrypting. In our approach, we first construct the mathematical SSO algorithm based on the VE-based algorithm, and then implement the algorithm by applying the one-time pad to the algorithm and using sample data. We also consider robustness against theoretical attacks such as man-in-the-middle attack. In addition to that, our algorithm is robust against the well-known classical and theoretical attacks, the man-in-the-middle attack against the proposed algorithm is also impracticable. Furthermore, with security analysis using Proverif, the algorithm has been shown to be secure. The execution speed is less than 1 ms even with a text length of 8192 bits. Based on our results, it is evident that the computational burden of trusted third parties, such as a certificate authority, can be alleviated because the public key agreement is not required in our algorithm. Moreover, since only the authentication information is disclosed to the service provider, big tech such as GAFA cannot obtain personal information of the user without consent. As for the originality of our algorithm, any personal information, such as biometric information and non-contact magnetic IC cards in addition to the pair of ID and password, which is used for common SSO algorithms, is available. View Full-Text
Keywords: single sign-on; authentication; one-time pad; cryptography; security single sign-on; authentication; one-time pad; cryptography; security
Show Figures

Figure 1

MDPI and ACS Style

Kihara, M.; Iriyama, S. Security and Performance of Single Sign-on Based on One-Time Pad Algorithm. Cryptography 2020, 4, 16. https://doi.org/10.3390/cryptography4020016

AMA Style

Kihara M, Iriyama S. Security and Performance of Single Sign-on Based on One-Time Pad Algorithm. Cryptography. 2020; 4(2):16. https://doi.org/10.3390/cryptography4020016

Chicago/Turabian Style

Kihara, Maki; Iriyama, Satoshi. 2020. "Security and Performance of Single Sign-on Based on One-Time Pad Algorithm" Cryptography 4, no. 2: 16. https://doi.org/10.3390/cryptography4020016

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop