Online citations, reference lists, and bibliographies.
← Back to Search

A Secure And Anonymous Two-Factor Authentication Protocol In Multiserver Environment

Chenyu Wang, Guoai Xu, W. Li
Published 2018 · Computer Science

Cite This
Download PDF
Analyze on Scholarcy
With the great development of network technology, the multiserver system gets widely used in providing various of services. And the two-factor authentication protocols in multiserver system attract more and more attention. Recently, there are two new schemes for multiserver environment which claimed to be secure against the known attacks. However, after a scrutinization of these two schemes, we found that their description of the adversary’s abilities is inaccurate; their schemes suffer from many attacks. Thus, firstly, we corrected their description on the adversary capacities to introduce a widely accepted adversary model and then summarized fourteen security requirements of multiserver based on the works of pioneer contributors. Secondly, we revealed that one of the two schemes fails to preserve forward secrecy and user anonymity and cannot resist stolen-verifier attack and off-line dictionary attack and so forth and also demonstrated that another scheme fails to preserve forward secrecy and user anonymity and is not secure to insider attack and off-line dictionary attack, and so forth. Finally, we designed an enhanced scheme to overcome these identified weaknesses, proved its security via BAN logic and heuristic analysis, and then compared it with other relevant schemes. The comparison results showed the superiority of our scheme.
This paper references
Security flaws in two improved remote user authentication schemes using smart cards
C. Ma (2014)
Zipfs law in passwords
D. Wang (2017)
The Request for Better Measurement: A Comparative Evaluation of Two-Factor Authentication Schemes
Ding Wang (2016)
Efficient and secure dynamic ID-based remote user authentication scheme for distributed systems using smart cards
J. Leu (2014)
Design and analysis of an improved smartcard-based remote user password authentication scheme
S. H. Islam (2016)
A Generic Framework for Three-Factor Authentication: Preserving Security and Privacy in Distributed Systems
Xinyi Huang (2011)
A lightweight password-based authentication protocol using smart card
Chenyu Wang (2017)
Efficient and Anonymous Mobile User Authentication Protocol Using Self-Certified Public Key Cryptography for Multi-Server Architectures
D. He (2016)
Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment
H. Hsiang (2009)
Efficient multi-server password authenticated key agreement using smart cards
W. Juang (2004)
A remote password authentication scheme for multiserver architecture using neural networks
L. Li (2001)
An improved lightweight multiserver authentication scheme
A. Irshad (2017)
A logic of authentication
M. Burrows (1990)
A secure dynamic ID based remote user authentication scheme for multi-server environment
Yi-Pin Liao (2009)
A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity
X. Li (2016)
Design of a user anonymous password authentication scheme without smart card
S. Kumari (2016)
Efficient multi-server authentication scheme based on one-way hash function without verification table
Jia-Lun Tsai (2008)
Anonymous Two-Factor Authentication in Distributed Systems: Certain Goals Are Beyond Attainment
Ding Wang (2015)
Robust Multi-Factor Authentication for Fragile Communications
Xinyi Huang (2014)
An efficient and secure multi-server password authentication scheme using smart cards
C. Chang (2004)
Design of a provably secure biometrics-based multi-cloud-server authentication scheme
S. Kumari (2017)
A secure mutual authenticated key agreement of user with multiple servers for critical systems
A. Irshad (2017)
Two-Factor User Authentication in Multi-Server Networks
C. Li (2012)
A Secure Biometrics-Based Multi-Server Authentication Protocol Using Smart Cards
Vanga Odelu (2015)
Design and Analysis of a Provably Secure Multiserver Authentication Scheme
D. Mishra (2016)
Two Birds with One Stone: Two-Factor Authentication with Security Beyond Conventional Bound
Ding Wang (2018)
Analysis and improvement on an efficient biometricbased remote user authentication scheme using smart cards
A.K.Das (2011)
A secure dynamic identity based authentication protocol for multi-server architecture
S. Sood (2011)
An Enhancement of a Smart Card Authentication Scheme for Multi-server Architecture
X. Li (2015)
Design and analysis of an improved smartcardbased remote user password authentication scheme
S. H. Islam (2016)
A new remote user authentication scheme for multi-server architecture
I. Lin (2003)
Design and Analysis of a Provably Secure Multi-server Authentication Scheme
Dheerendra Mishra (2016)
On the anonymity of two-factor authentication schemes for wireless sensor networks: Attacks, principle and solutions
Ding Wang (2014)
Cryptanalysis and security enhancement of a robust two-factor authentication and key agreement protocol
Q. Xie (2016)
A new authenticated key agreement scheme based on smart cards providing user anonymity with formal proof
F. Wu (2015)
A Lightweight Anonymous Authentication Protocol with Perfect Forward Secrecy for Wireless Sensor Networks
Ling Xiong (2017)
Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards
A. K. Das (2011)
Cryptanalysis of Three Password-Based Remote User Authentication Schemes with Non-Tamper-Resistant Smart Card
Chenyu Wang (2017)
Dynamic Identity Based Authentication Protocol for Two-Server Architecture
S. Sood (2012)
Secure and Efficient Smart Card Based Remote User Password Authentication Scheme
Jianghong Wei (2016)
Security analysis and improvement of bio-hashing based three-factor authentication scheme for telecare medical information systems
Qi Jiang (2018)
Efficient end-to-end authentication protocol for wearable health monitoring systems
Qi Jiang (2017)
An enhanced multi-server authentication protocol using password and smart-card: cryptanalysis and design
Tanmoy Maitra (2016)
A smart card-based remote scheme for password authentication in multi-server Internet services
W. Tsaur (2004)
Zipf’s Law in Passwords
Ding Wang (2017)
Cryptanalysis and Efficient Dynamic ID Based Remote User Authentication Scheme in Multi-server Environment Using Smart Card
R. Amin (2016)
Lightweight Three-Factor Authentication and Key Agreement Protocol for Internet-Integrated Wireless Sensor Networks
Q. Jiang (2017)

This paper is referenced by
Performance Analysis of Collaborative Recommender System: A Heuristic Approach
Akanksha Bansal Chopra (2019)
A Provably Secure Biometrics-Based Authentication Scheme for Multiserver Environment
Feifei Wang (2019)
Understanding security failures of multi-factor authentication schemes for multi-server environments
Ding Wang (2020)
An Enhanced User Authentication Protocol Based on Elliptic Curve Cryptosystem in Cloud Computing Environment
Chenyu Wang (2018)
Enhancing Transaction Security for Handling Accountability in Electronic Health Records
Chian Techapanupreed (2020)
Integrated Cryptography for Internet of Things Using TBF Approach
S. Sharma (2019)
Two-factor authentication in industrial Internet-of-Things: Attacks, evaluation and new construction
W. Li (2019)
Cryptanalysis of Provably Secure Authentication Scheme for Multi-Server Environment
T. Sudhakar (2018)
An Enhanced Authentication Protocol for Multi-server Environment Using Password and Smart Card
T. Sudhakar (2020)
Revisiting Anonymous Two-Factor Authentication Schemes for Multi-server Environment
P. Wang (2018)
On the Design of Secure and Efficient Three-Factor Authentication Protocol Using Honey List for Wireless Sensor Networks
Joonyoung Lee (2020)
An efficient dynamic ID-based remote user authentication scheme using self-certified public keys for multi-server environments
D. Zhao (2018)
Efficient Multi-Factor User Authentication Protocol with Forward Secrecy for Real-Time Data Access in WSNs
Ding Wang (2020)
Authentication scheme based on smart card in multi-server environment
Simin Zhou (2020)
Multifactor Authentication - A Study on User Preference, Remembering Ability, Error Rate and Time Consumption
S. Vaithyasubramanian (2019)
Semantic Scholar Logo Some data provided by SemanticScholar