Abstract
Nowadays, a multi-server environment has been widely used in various applications. Under this environment, users can register in one particular register center just one time and log into different application servers. Recently, various authentication protocol for this kind of environment have been proposed. In 2017, Zhang et al. proposed a three-factor authentication protocol with strong robustness. They claimed that their protocol can secure against various kinds of attacks, including perfect forward secrecy. Unfortunately, in this paper, we demonstrated that Zhang et al.’s protocol still cannot provide Perfect Forward Secrecy. To erase the weakness, we proposed an improvement to let the protocol can provide Perfect Forward Secrecy.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Chen, C.M., Ku, W.C.: Stolen-verifier attack on two new strong-password authentication protocols. IEICE Trans. Commun. 85(11), 2519–2521 (2002)
Chen, C.M., Xu, L., Wu, T.Y., Li, C.R.: On the security of a chaotic maps-based three-party authenticated key agreement protocol. J. Netw. Intell. 1(2), 61–66 (2016)
He, B.Z., Chen, C.M., Wu, T.Y., Sun, H.M.: An efficient solution for hierarchical access control problem in cloud environment. Math. Probl. Eng. (2014)
He, D., Wang, D.: Robust biometrics-based authentication scheme for multiserver environment. IEEE Syst. J. 9(3), 816–823 (2015)
Juang, W.S.: Efficient multi-server password authenticated key agreement using smart cards. IEEE Trans. Consum. Electron. 50(1), 251–255 (2004)
Lee, C.C., Lin, T.H., Chang, R.X.: A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards. Expert Syst. Appl. 38(11), 13863–13870 (2011)
Liao, Y.P., Wang, S.S.: Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment. Comput. Stand. Interfaces 31(6), 1118–1123 (2009)
Liao, Y.P., Wang, S.S.: A secure dynamic ID based remote user authentication scheme for multi-server environment. Comput. Stand. Interfaces 31(1), 24–29 (2009)
Odelu, V., Das, A.K., Goswami, A.: A secure biometrics-based multi-server authentication protocol using smart cards. IEEE Trans. Inf. Forensics Secur. 10(9), 1953–1966 (2015)
Pan, J.S., Tso, R., Wu, M.E., Chen, C.M.: Security analysis of an anonymous authentication scheme based on smart cards and biometrics for multi-server environments, pp. 59–69. Springer (2015)
Sun, H.M., He, B.Z., Chen, C.M., Wu, T.Y., Lin, C.H., Wang, H.: A provable authenticated group key agreement protocol for mobile environment. Inf. Sci. 321, 224–237 (2015)
Wang, K.H., Chen, C.M., Fang, W., Wu, T.Y.: A secure authentication scheme for internet of things. Perv. Mob. Comput. 42, 15–26 (2017)
Wang, K.H., Chen, C.M., Fang, W., Wu, T.Y.: On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags. J. Supercomput. 74(1), 65–70 (2018)
Zhang, M., Zhang, J., Tan, W.: Remote three-factor authentication protocol with strong robustness for multi-server environment. China Commun. 14(6), 126–136 (2017)
Acknowledgement
The work of Chien-Ming Chenwas supported in part by Shenzhen Technical Project under Grant number JCYJ20170307151750788 and in part by Shenzhen Technical Project under Grant number QJSCX20170327161755. The work of Tsu-Yang Wu was supported in part by the Science and Technology Development Center, Ministry of Education, China under Grant no. 2017A13025 and the Natural Science Foundation of Fujian Province under Grant no. 2018J01636.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Chen, CM., Huang, Y., Deng, X., Wu, TY. (2019). Cryptanalysis and Improvement of a Remote Three-Factor Authentication Protocol for the Multi-server Environment. In: Zhao, Y., Wu, TY., Chang, TH., Pan, JS., Jain, L. (eds) Advances in Smart Vehicular Technology, Transportation, Communication and Applications. VTCA 2018. Smart Innovation, Systems and Technologies, vol 128. Springer, Cham. https://doi.org/10.1007/978-3-030-04585-2_3
Download citation
DOI: https://doi.org/10.1007/978-3-030-04585-2_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-04584-5
Online ISBN: 978-3-030-04585-2
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)