Improvement of smart card based password authentication scheme for multiserver environments
نویسنده
چکیده
In multiserver (MS) environments, it is preferable for a remote user to login to different service provider servers by keying in the same password. Recently, Wang et al. proposed an improvement on the dynamic identity-based smart card authentication scheme of Liao and Wang for MS environments. Sandeep et al. improved the dynamic identity-based smart card authentication scheme of Hsiang et al. for MS architecture. However, we found that the schemes of Wang et al. and Sandeep et al. failed to provide service provider server authentication, perfect forward security, and login scalability. In addition, the scheme of Sandeep et al. was insecure against stolen verifier attacks. This paper proposes an improved smart card-based password authentication scheme for MS environments. The new scheme removes all of the abovementioned weaknesses. The proposed identity-based smart card authentication scheme satisfies the following properties: C1. User authentication; C2. Service provider server authentication; C3. Control server authentication; C4. Perfect forward security; C5. Freedom of password change; C6. Scalability of login; C7. Resistance to stolen verifier attacks; and C8. High efficiency.
منابع مشابه
Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics
An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user's biometrics with a password. However, these authentication schemes are designed for single server env...
متن کاملCryptanalysis of Tan's Improvement on a Password Authentication Scheme for Multi-server Environments
Smart cards have been applied on password authentication in recent years. A user can input his/her identity and password to require services from the remote server. There are various attacks through an insecure network to obtain a user’s information. Therefore, many schemes are proposed to guarantee secure communication. However, a lot of schemes are not secure. Recently, Tan proposed an improv...
متن کاملSmart-card-loss-attack and Improvement of Hsiang et al.’s Authentication Scheme
Due to the open environment, all network systems suffer from various security threats. The remote user authentication scheme is a secure mechanism to allow users obtaining a variety of information services through insecure channels. For efficiency and security, many remote user authentication schemes identify users with smart cards. However, many smart card based schemes are vulnerable to lots ...
متن کاملA Biometrics-based Multi-server Key Agreement Scheme on Chaotic Maps Cryptosystem
Nowadays chaos theory is widely used in cryptography. In the real world, in order to ensure secure communication, many chaotic maps-based key agreement protocols have been proposed. Most of them used a smart card on account of the inherent ability of anti-interference. Popularly, many related protocols using smart card are used for a single server environment. However, existing single server au...
متن کاملAn Enhanced Biometric-Based Three Factors User Authentication Scheme for Multi-server Environments
Authentication is an important and basic security service for many network based applications, which allows the registered user access remote services after the validity of his/her identity is verified by the remote server. Password, smart card and biometric are three frequently used factors in authentication, and some remote user authentication schemes for different environments had been prese...
متن کامل