LAUSR.org creates dashboard-style pages of related content for over 1.5 million academic articles. Sign Up to like articles & get recommendations!

Three-Factor-Based Confidentiality-Preserving Remote User Authentication Scheme in Multi-server Environment

Photo by lensingmyworld from unsplash

Recently, Guo–Wen projected an improved authentication protocol in multi-server environment, proclaiming it to preserve user anonymity. However, the authors revisit Guo–Wen’s protocol and discover various malicious threats, i.e., (1) password… Click to show full abstract

Recently, Guo–Wen projected an improved authentication protocol in multi-server environment, proclaiming it to preserve user anonymity. However, the authors revisit Guo–Wen’s protocol and discover various malicious threats, i.e., (1) password guessing threat, (2) identity guessing threat, (3) new smartcard issue threat, (4) user impersonation threat, (5) known session-key temporary information threat and (6) privilege insider threat. In order to surmount theses above-mentioned threats, we propose an enhanced and robust three-factor-based confidentiality-preserving authentication protocol in multi-server environment. The BAN (Burrows, Abadi, Needham) logic is used for validating our scheme which ensures the mutual authentication and session-key negotiation are securely generated. Thereafter, applied random oracle model demonstrates the backbone parameters (like identity, password, biometric and session key) of our protocol are highly secured. Further, the discussion of informal security analysis reveals that the scheme withstands several types of malicious attacks. Besides, we simulate our scheme with the help of AVISPA (Automated Validation of Internet Security Protocol and Applications) tool which demonstrates that it resists to various active and passive attacks. In addition, the performance evaluation exhibits the efficiency in regard to communication and computation costs and estimated time of our scheme is comparatively less with other related existing works.

Keywords: authentication; scheme; protocol; threat; multi server; server environment

Journal Title: Arabian Journal for Science and Engineering
Year Published: 2017

Link to full text (if available)


Share on Social Media:                               Sign Up to like & get
recommendations!

Related content

More Information              News              Social Media              Video              Recommended



                Click one of the above tabs to view related content.