Password authentication with insecure communication
Communications of the ACM
An Efficient and Secure Multi-Server Password Authentication Scheme using Smart Cards
CW '04 Proceedings of the 2004 International Conference on Cyberworlds
A new mutual authentication scheme based on nonce and smart cards
Computer Communications
A secure dynamic ID based remote user authentication scheme for multi-server environment
Computer Standards & Interfaces
Computer Standards & Interfaces
An efficient biometrics-based remote user authentication scheme using smart cards
Journal of Network and Computer Applications
DoS-resistant ID-based password authentication scheme using smart cards
Journal of Systems and Software
Advanced smart card based password authentication protocol
Computer Standards & Interfaces
Journal of Network and Computer Applications
A secure dynamic identity based authentication protocol for multi-server architecture
Journal of Network and Computer Applications
A public key cryptosystem and a signature scheme based on discrete logarithms
IEEE Transactions on Information Theory
A new remote user authentication scheme using smart cards
IEEE Transactions on Consumer Electronics
Efficient multi-server password authenticated key agreement using smart cards
IEEE Transactions on Consumer Electronics
A remote password authentication scheme for multiserver architecture using neural networks
IEEE Transactions on Neural Networks
Security and Communication Networks
NSS'12 Proceedings of the 6th international conference on Network and System Security
Journal of Computer and System Sciences
Cryptanalysis and Improvement of an Anonymous Authentication Protocol for Wireless Access Networks
Wireless Personal Communications: An International Journal
Robust Smart Card Authentication Scheme for Multi-server Architecture
Wireless Personal Communications: An International Journal
| Hi-index | 0.00 |
Generally, if a user wants to use numerous different network services, he/she must register himself/herself to every service providing server. It is extremely hard for users to remember these different identities and passwords. In order to resolve this problem, various multi-server authentication protocols have been proposed. Recently, Sood et al. analyzed Hsiang and Shih's multi-server authentication protocol and proposed an improved dynamic identity based authentication protocol for multi-server architecture. They claimed that their protocol provides user's anonymity, mutual authentication, the session key agreement and can resist several kinds of attacks. However, through careful analysis, we find that Sood et al.'s protocol is still vulnerable to leak-of-verifier attack, stolen smart card attack and impersonation attack. Besides, since there is no way for the control server CS to know the real identity of the user, the authentication and session key agreement phase of Sood et al.'s protocol is incorrect. We propose an efficient and security dynamic identity based authentication protocol for multi-server architecture that removes the aforementioned weaknesses. The proposed protocol is extremely suitable for use in distributed multi-server architecture since it provides user's anonymity, mutual authentication, efficient, and security.