Skip to main content
SpringerLink
Log in

Honeyword with Salt-Chlorine Generator to Enhance Security of Cloud User Credentials

  • Conference paper
  • First Online:
Security in Computing and Communications (SSCC 2017)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 746))

Included in the following conference series:

Abstract

Cloud Computing plays a vital role in current IT sector. Every advantage of cloud comes with major security issues. Cloud credential security concern has been listed as top security threat in the Treacherous 12 by Cloud Security Alliance in 2016. The login credentials of a cloud user can be easily cracked with the existing tools. Honeywords are used to protect the passwords in password database. Honeywords are set of decoy passwords stored along with the legitimate password in hashed password database. Honeyword list along with the legitimate password are called as sweetword list. In current scenario the list of sweetwords can be stolen by launching brute force attack, dictionary attack or other password cracking attacks to the Hashed password database and the cloud user’s legitimate password can be inverted. To avoid such attacks an improvised salt generator named as Salt-Chlorine is proposed. Salt-chlorine algorithm generates highly unpredictable pseudo-random Salt to enhance the integrity of the cloud user account. Salt-Chlorine generator generates complex salts (SC) and SC is hashed with both the honeywords and cloud users legitimate password to confuse the attacker and to withstand the attacks on hashed password database. The proposed method increases the complexity of identifying the legitimate password in the list of sweetwords. The analysis demonstrates the privacy and security level of the passwords stored in cloud password database and the passwords are more secured than the existing schemes.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Erguler, I.: Achieving flateness: selecting the honeywords from existing users passwords. IEEE Trans. Dependable Secure Comput. 13, 284–295 (2016)

    Article  Google Scholar 

  2. Cloud Security Alliance: The Treacherous 12- Cloud Computing Top Threats in 2016, February 2016

    Google Scholar 

  3. Vance, A.: If your password is 123456, just make it hackme. New York Times, January 2010

    Google Scholar 

  4. Brown, K.: The dangers of weak hashes. SANS Institute InfoSec Reading Room, Maryland, US, pp. 1–22, November 2013

    Google Scholar 

  5. Juels, A., Rivest, R.L.: Honeywords: making password-cracking detectable. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, pp. 145–160 (2013)

    Google Scholar 

  6. Bojinov, H., Bursztein, E., Boyen, X., Boneh, D.: Kamouflage: loss-resistant password management. In: Proceedings of the 15th European Symposium on Research in Computer Security, pp. 286–302 (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Madras Institute of Technology, Anna University, Chennai, Tamil Nadu, India

    T. Nathezhtha

  2. SCSE, VIT, Chennai, Tamil Nadu, India

    V. Vaidehi

Authors
  1. T. Nathezhtha
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. V. Vaidehi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to T. Nathezhtha .

Editor information

Editors and Affiliations

  1. Indian Institute of Information Technology and Management Kerala (IIITMK), Trivandrum, Kerala, India

    Sabu M. Thampi

  2. University of Murcia , Murcia, Spain

    Gregorio Martínez Pérez

  3. Federal University of Santa Catarina , Florianópolis, Santa Catarina, Brazil

    Carlos Becker Westphall

  4. RMIT University , Melbourne, Victoria, Australia

    Jiankun Hu

  5. National Sun Yat-sen University , Kaohsiung, Taiwan

    Chun I. Fan

  6. University of Murcia, Murcia, Spain

    Félix Gómez Mármol

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Nathezhtha, T., Vaidehi, V. (2017). Honeyword with Salt-Chlorine Generator to Enhance Security of Cloud User Credentials. In: Thampi, S., Martínez Pérez, G., Westphall, C., Hu, J., Fan, C., Gómez Mármol, F. (eds) Security in Computing and Communications. SSCC 2017. Communications in Computer and Information Science, vol 746. Springer, Singapore. https://doi.org/10.1007/978-981-10-6898-0_13

Download citation

  • DOI: https://doi.org/10.1007/978-981-10-6898-0_13

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-6897-3

  • Online ISBN: 978-981-10-6898-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation