Robust scheme to protect authentication code of message/image documents in cloud computing

Abstract

A number of image/message document authentication and integrity schemes have been conducted to recognize any modification in the exchange of documents between two entities (sender and receiver) within a cloud environment. Existing solutions are based on combining key-based hash function with traditional factors (steganography, smart-card, timestamp). However, none of the proposed schemes appear to be sufficiently designed as a secure scheme to prevent common forms of attack such as replay, forgery, stolen verifier, brute force, and insider attacks. In this paper, we propose a scheme to ensure message/image document integrity for each user's login by providing one-time biometric message/image authentication code called MACLESS, which is a summation of combining the key-based hash function (MAC-SHA-1) of a message/image document and the one-time bio-key. Thereafter, MACLESS is hidden in a cover image based steganography anonymity. The proposed scheme has several important security attributes, such as phase key agreement, users' one-time bio-key, and one-time authentication code is valid only for one user's login session. Finally, security analysis and experimental results demonstrate and prove the invulnerability and efficiency of the proposed scheme.