An enhanced approach for three factor remote user authentication in multi - server environment

With the agile development of the Internet era, starting from the message transmission to money transactions, everything is online now. Remote user authentication (RUA) is a mechanism in which a remote server verifies the user’s correctness over the shared or public channel. In this paper, we analyz...

Full description

Saved in:
Bibliographic Details
Published in:Journal of intelligent & fuzzy systems 2020-01, Vol.39 (6), p.8609-8620
Main Authors: Patel, Chintan, Joshi, Dhara, Doshi, Nishant, Veeramuthu, A., Jhaveri, Rutvij
Format: Article
Language:English
Subjects:
Authentication
Cryptography
Security
Service introduction
Spoofing
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:With the agile development of the Internet era, starting from the message transmission to money transactions, everything is online now. Remote user authentication (RUA) is a mechanism in which a remote server verifies the user’s correctness over the shared or public channel. In this paper, we analyze an RUA scheme proposed by Chen for the multi-server environment and prove that their scheme is not secured. We also find numerous vulnerabilities such as password guessing attack, replay attack, Registration Center (RC) spoofing attack, session key verification attack, and perfect forward secrecy attack for Chen’s scheme. After performing the cryptanalysis of Chen’s scheme, we propose a biometric-based RUA scheme for the same multi-server environment. We prove that the proposed authentication scheme achieves higher security than Chen’s scheme with the use of informal security analysis as well as formal security analysis. The formal security analysis of the proposed scheme is done using a widely adopted random oracle method.
ISSN:1064-1246
1875-8967
DOI:10.3233/JIFS-189177