A robust and efficient dynamic identity-based multi-server authentication scheme using smart cards

Summary In single‐server architecture, one service is maintained by one server. If a user wants to employ multiple services from different servers, he/she needs to register with these servers and to memorize numerous pairs of identities and passwords corresponding to each server. In order to improve...

Full description

Saved in:
Bibliographic Details
Published in:International journal of communication systems 2016-01, Vol.29 (2), p.290-306
Main Authors: Chang, Chin-Chen, Cheng, Ting-Fang, Hsueh, Wei-Yuan
Format: Article
Language:English
Subjects:
Authentication
Computation
Costs
Design engineering
dynamic identity
Dynamics
Lithium
multi-server
mutual authentication
Servers
single registration
Smart cards
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Summary In single‐server architecture, one service is maintained by one server. If a user wants to employ multiple services from different servers, he/she needs to register with these servers and to memorize numerous pairs of identities and passwords corresponding to each server. In order to improve user convenience, many authentication schemes have been provided for multi‐server environment with the property of single registration. In 2013, Li et al. provided an efficient multi‐server authentication scheme, which they contended that it could resist several attacks. Nevertheless, we find that their scheme is sensitive to the forgery attack and has a design flaw. This paper presents a more secure dynamic identity‐based multi‐server authentication scheme in order to solve the problem in the scheme by Li et al. Analyses show that the proposed scheme can preclude several attacks and support the revocation of anonymity to handle the malicious behavior of a legal user. Furthermore, our proposed scheme has a lower computation and communication costs, which make it is more suitable for practical applications. Copyright © 2014 John Wiley & Sons, Ltd. In this paper, we introduce some weaknesses in the multi‐server authentication scheme by Li et al. Then, we propose a new version for the resistance of various malicious attacks and provide a formal proof for confirming the correctness of mutual authentication of our scheme. In the comparisons with related schemes, our proposed scheme is more applicable to real‐world environments because of lower computational and communication costs.
ISSN:1074-5351
1099-1131
DOI:10.1002/dac.2830