Cryptography: Theory and Practice
Cryptography: Theory and Practice
A One Round Protocol for Tripartite Diffie-Hellman
ANTS-IV Proceedings of the 4th International Symposium on Algorithmic Number Theory
ANTS-V Proceedings of the 5th International Symposium on Algorithmic Number Theory
Elliptic Curves: Number Theory and Cryptography
Elliptic Curves: Number Theory and Cryptography
An Efficient Multi-server Password Authenticated Key Agreement Scheme Using Smart Cards
MUE '07 Proceedings of the 2007 International Conference on Multimedia and Ubiquitous Engineering
PEITS '08 Proceedings of the 2008 Workshop on Power Electronics and Intelligent Transportation System
A secure dynamic ID based remote user authentication scheme for multi-server environment
Computer Standards & Interfaces
Identity-Based Encryptions with Tight Security Reductions to the BDH Problem
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Computer Standards & Interfaces
Robust and Simple Multi-server Authentication Protocol without Verification Table
HIS '09 Proceedings of the 2009 Ninth International Conference on Hybrid Intelligent Systems - Volume 03
User authentication scheme with privacy-preservation for multi-server environment
IEEE Communications Letters
Robust Multi-Server Authentication Scheme
NPC '09 Proceedings of the 2009 Sixth IFIP International Conference on Network and Parallel Computing
ICICIC '09 Proceedings of the 2009 Fourth International Conference on Innovative Computing, Information and Control
Cryptanalysis of Hsiang-Shih's authentication scheme for multi-server architecture
International Journal of Communication Systems
Efficient multi-server password authenticated key agreement using smart cards
IEEE Transactions on Consumer Electronics
| Hi-index | 0.00 |
In a multi-server environment, a user only needs to register at the registration center once instead of repeatedly registering in each server. After registration, the user can access the resources of any of the servers in the system. Many protocols have been proposed for the same. Recently, Geng–Zhang, Zhu et al., and Yoon–Yoo each proposed a multi-server authentication scheme. They claimed that their schemes are secure and can withstand various attacks. However, after analyses, we found that their schemes are deficient. In this paper, we first demonstrate the deficiencies of these three protocols in turn and then show our improvement on Geng–Zhang's protocol. Our improvement makes use of both the user's and the server's secrecy to achieve mutual authentication. This results in a two-pass multi-server authentication scheme. We have analyzed its security with respect to several factors such as mutual authentication, perfect forward and backward secrecy, and prevention of smart-card-lost attack. Moreover, almost all of the parameters required for a user to log on to a server can be pre-computed. This is very important for a low-energy mobile computing device. That is, our improvement is not only one of the most efficient and secure schemes in this area but also suitable for mobile device. Copyright © 2011 John Wiley & Sons, Ltd.