{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,8]],"date-time":"2026-04-08T16:52:40Z","timestamp":1775667160536,"version":"3.50.1"},"reference-count":26,"publisher":"MDPI AG","issue":"2","license":[{"start":{"date-parts":[[2020,6,12]],"date-time":"2020-06-12T00:00:00Z","timestamp":1591920000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Cryptography"],"abstract":"<jats:p>Single sign-on (SSO) techniques allow access control for multiple systems with a single login. The aim of our study is to construct an authentication algorithm that provides the authentication information of a user to a requester without requiring any specific token, thereby achieving domain-free access control. In this study, we propose an authentication algorithm for SSO based on a verifiable encryption (VE)-based authentication algorithm and implementation. VE is a kind of cryptosystem that allows calculation on cyphertexts, generating an encrypted result, which matches the distance between two plaintexts when decrypting. In our approach, we first construct the mathematical SSO algorithm based on the VE-based algorithm, and then implement the algorithm by applying the one-time pad to the algorithm and using sample data. We also consider robustness against theoretical attacks such as man-in-the-middle attack. In addition to that, our algorithm is robust against the well-known classical and theoretical attacks, the man-in-the-middle attack against the proposed algorithm is also impracticable. Furthermore, with security analysis using Proverif, the algorithm has been shown to be secure. The execution speed is less than 1 ms even with a text length of 8192 bits. Based on our results, it is evident that the computational burden of trusted third parties, such as a certificate authority, can be alleviated because the public key agreement is not required in our algorithm. Moreover, since only the authentication information is disclosed to the service provider, big tech such as GAFA cannot obtain personal information of the user without consent. As for the originality of our algorithm, any personal information, such as biometric information and non-contact magnetic IC cards in addition to the pair of ID and password, which is used for common SSO algorithms, is available.<\/jats:p>","DOI":"10.3390\/cryptography4020016","type":"journal-article","created":{"date-parts":[[2020,6,15]],"date-time":"2020-06-15T03:17:32Z","timestamp":1592191052000},"page":"16","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["Security and Performance of Single Sign-on Based on One-Time Pad Algorithm"],"prefix":"10.3390","volume":"4","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9217-6019","authenticated-orcid":false,"given":"Maki","family":"Kihara","sequence":"first","affiliation":[{"name":"Department of Information Science, Tokyo University of Science, Yamazaki 2641, Noda, Chiba 278-8510, Japan"}]},{"given":"Satoshi","family":"Iriyama","sequence":"additional","affiliation":[{"name":"Department of Information Science, Tokyo University of Science, Yamazaki 2641, Noda, Chiba 278-8510, Japan"}]}],"member":"1968","published-online":{"date-parts":[[2020,6,12]]},"reference":[{"key":"ref_1","unstructured":"(2020, March 31). Internet World Stats. Available online: https:\/\/www.internetworldstats.com\/stats.htm."},{"key":"ref_2","unstructured":"Hu, J., Sun, Q., and Chen, H. (2010, January 26\u201328). Application of single sign-on (SSO) in digital campus. Proceedings of the Third IEEE International Conference on Broadband Network and Multimedia Technology (IC-BNMT 2010), Beijing, China."},{"key":"ref_3","unstructured":"(2020, May 28). Single Sign-on Market by Type (Enterprise, Federated & Web-Based, Windows Integrated), Organization Size (Small & Medium Enterprises, Large Enterprises), Deployment Mode (Cloud, On-Premises), Vertical, Region\u2014Global Forecast to 2021. Markets and Markets. Available online: https:\/\/www.marketsandmarkets.com\/Market-Reports\/single-sign-on-market-83280444.html."},{"key":"ref_4","unstructured":"Villanueva, J. (2020, May 14). 5 Big Business Benefits of Using SSO (Single Sign-On). Managed File Transfer and Network Solutions. Available online: https:\/\/www.jscape.com\/blog\/bid\/104856\/5-Big-Business-Benefits-of-Using-SSO-Single-Sign-On."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"134","DOI":"10.1016\/j.protcy.2012.05.019","article-title":"A survey on single sign-on techniques","volume":"4","author":"Radha","year":"2012","journal-title":"Proc. Technol."},{"key":"ref_6","first-page":"18","article-title":"A review on single sign on enabling technologies and protocols","volume":"151","author":"Bazaz","year":"2016","journal-title":"Int. J. Comput. Appl."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"De Clercq, J. (2002, January 1). Single sign-on architectures. Proceedings of the International Conference on Infrastructure Security, Heidelberg, Germany.","DOI":"10.1007\/3-540-45831-X_4"},{"key":"ref_8","unstructured":"Miller, S.P., Neuman, B.C., Schiller, J.I., and Saltzer, J.H. (1988). Project Athena Technical Plan. Kerberos Authentication and Authorization System, Massachusetts Institute of Technology."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1109\/35.312841","article-title":"Kerberos: An authentication service for computer networks","volume":"32","author":"Neuman","year":"1994","journal-title":"IEEE Commun. Mag."},{"key":"ref_10","unstructured":"(2020, April 06). Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0 OASIS Standard, OASIS. Available online: http:\/\/docs.oasis-open.org\/security\/saml\/v2.0\/saml-core-2.0-os.pdf."},{"key":"ref_11","unstructured":"(2020, April 06). OpenID Foundation Website. Available online: http:\/\/openid.net\/."},{"key":"ref_12","unstructured":"(2020, May 28). OAuth Website. Available online: https:\/\/oauth.net\/2\/."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Sun, S.T., Pospisil, E., Muslukhov, I., Dindar, N., Hawkey, K., and Beznosov, K. (2011, January 20\u201322). Beznosov KWhat makes users refuse web single sign-on? An empirical investigation of OpenID. Proceedings of the Seventh Symposium on Usable Privacy and Security, Pittsburgh, PA, USA.","DOI":"10.1145\/2078827.2078833"},{"key":"ref_14","first-page":"5","article-title":"Keeping Anonymity at the Consumer Behavior on the Internet: Proof of Sacrifice","volume":"2019","author":"Horie","year":"2019","journal-title":"Comput. Ethics-Philos. Enq. (CEPE) Proc."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Yang, F., and Manoharan, S. (2013, January 27\u201329). A security analysis of the OAuth protocol. Proceedings of the 2013 IEEE Pacific Rim Conference on Communications, Computers and Signal Processing (PACRIM), Victoria, BC, Canada.","DOI":"10.1109\/PACRIM.2013.6625487"},{"key":"ref_16","unstructured":"Tsyrklevich, E., and Tsyrklevich, V. (2020, June 11). Single Sign-on for the Internet: A Security Story. Available online: https:\/\/bit.ly\/2UCJZDo."},{"key":"ref_17","unstructured":"Gro\u00df, T. (2003, January 8\u201312). Security analysis of the SAML single sign-on browser\/artifact profile. Proceedings of the 19th Annual Computer Security Applications Conference 2003, Las Vegas, NV, USA."},{"key":"ref_18","unstructured":"Wu, T.D. (Ndss, 1999). A Real-World Analysis of Kerberos Password Security, Ndss."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Kihara, M., and Iriyama, S. (2019). New authentication algorithm based on verifiable encryption with digital identity. Cryptography, 3.","DOI":"10.3390\/cryptography3030019"},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Grassi, P.A., Garcia, M.E., and Fenton, J.L. (2017). Digital Identity Guidelines, NIST Special Publication (NIST SP)-800-63-3.","DOI":"10.6028\/NIST.SP.800-63-3"},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Accardi, L., Freudenberg, W., and Ohya, M. (2010). The QP-DYN algorithms. QP\u2013PQ Quantum Probability and White Noise Analysis, World Scientific.","DOI":"10.1142\/9789814343763_0001"},{"key":"ref_22","first-page":"1","article-title":"On a PRNG based on non-commutative algebra and its applications","volume":"13","author":"Iriyama","year":"2014","journal-title":"SPT"},{"key":"ref_23","unstructured":"(2020, June 02). Proverif Webcite. Available online: https:\/\/prosecco.gforge.inria.fr\/personal\/bblanche\/proverif\/."},{"key":"ref_24","unstructured":"(2020, May 14). Security Assertion Markup Language (SAML) V2.0 Technical Overview. Available online: http:\/\/docs.oasis-open.org\/security\/saml\/Post2.0\/sstc-saml-tech-overview-2.0.html."},{"key":"ref_25","unstructured":"Iriyama, S., and Kihara, M. (2019). Encrypted Data Processing System and Program. (PCT\/JP2018\/045505), Japan Patent."},{"key":"ref_26","unstructured":"Iriyama, S., and Kihara, M. (2020). Authentication System and Program. (JP2020\/25659), Japan Patent."}],"container-title":["Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2410-387X\/4\/2\/16\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T09:38:15Z","timestamp":1760175495000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2410-387X\/4\/2\/16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,6,12]]},"references-count":26,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2020,6]]}},"alternative-id":["cryptography4020016"],"URL":"https:\/\/doi.org\/10.3390\/cryptography4020016","relation":{},"ISSN":["2410-387X"],"issn-type":[{"value":"2410-387X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,6,12]]}}}