ISSN(Online) : 2320-9801 ISSN (Print) : 2320-9798 International Journal of Innovative Research in Computer and Communication Engineering (An ISO 3297: 2007 Certified Organization) Vol. 2, Issue 11, November 2014 Copyright to IJIRCCE www.ijircce.com 6870 Single Sign-On Secure Authentication Password Mechanism Deepali M. Devkate, N.D.Kale ME Student, Department of CE, PVPIT, Bavdhan, SavitribaiPhule University Pune, Maharashtra ,India. Assistant Professor, Department of CE, PVPIT, Bavdhan, SavitribaiPhule University Pune, Maharashtra, India. ABSTRACT: This mechanism allows users to sign on only once and have their identities automatically verified by each application or service they want to access afterwards. Most of application architectures required the user to memorized and utilize a different set of credentials (e.g. username/password or tokens) for each application. The Single sign-on (SSO) is a new authentication mechanism that enables a legal user with a single credential to be authenticated by service providers in distributed computer networks. Impersonation attack and session attack these are the weak points of existing system the “credential recovering attack” compromises the credential privacy in the scheme as a malicious service provider is able to recover the credential of a legal user. The other attack, an “impersonation attack without credentials” demonstrates resources and services offered by service providers may be able to access without authentication by malicious users.In this propose scheme, to preserve credential generation privacy, the trusted authority signs a Schnorr signature on user identity; and to protect credential privacy and soundness, the user exploits his/her id as a signing key to sign a Schnorr signature on the hashed Session key. And by using Advance Encryption Standard key exchange and identification is secure. KEYWORDS: Credential, SSO, Encryption, Decryption, Schnorr. I. INTRODUCTION The aim of this paper is to develop a secure single sign-on mechanism for distributed networks. To make the existing distributed system performs in an efficient, convenient manner and too overcome several possible attacks. In any client/server system, single sign-on is an authentication process that permits multiple applications. But in the existing authentication schemes, it fails to protect the user from several possible attacks when user accessing it..We have proposed a secure single sign-on access control mechanism for Distributed networks to enable the users to login quickly and securely to multiple applications such as websites with just a single identity. In this mechanism, the user can login once for every domain and it also provides only one password which makes it very secured and easy to access the resources from different service providers. It also provides integrity, availability authentication and access control. It could be done by using one way hash function with random nonces. We have proposed a secure single sign-on access control mechanism for client/server networks to enable the user to login quickly and securely to multiple applications such as websites, mainframe session with just a single identity. In this mechanism the user can login once for every domain and it also provides only one password which makes it very secured and easy to access the resources from different Service providers. It also provides integrity, availability authentication and access control. II. LITERATURE SURVEY A.Anonymity Enhancement on Robust and Efficient Password Authenticated Key Agreement Using Smart Cards Our password-authenticated key agreement scheme using smart cards has been really efficient and effective. In terms of effectiveness, it has not only the low communication costs, but also our solution builds on the efficient cryptographic primitives of secure hash function and symmetric cipher, which may be inherently viable for smart card environment. So, this solution not only preserves mutual authentication, key agreement and the functionality of password updating but also can prevent initiator traceability, insider attack, and DoS attack and also blocks them. [3]