An Extended Multi-Server-Based User Authentication and Key Agreement Scheme with User Anonymity
등록일 2017.09.07어도비 PDF (pdf)|13페이지|가격 4,800원
* 본 문서는 배포용으로 복사 및 편집이 불가합니다.
ㆍ발행기관 : 한국인터넷정보학회ㆍ수록지정보 : KSII Transactions on Internet and Information Systems (TIIS) / 7권 / 1호 ㆍ저자명 : ( Chun-ta Li ) , ( Cheng-chi Lee ) , ( Chi-yao Weng ) , ( Chun-i Fan )
With the explosive growth of computer networks, many remote service providing servers and multi-server network architecture are provided and it is extremely inconvenient for users to remember numerous different identities and passwords. Therefore, it is important to provide a mechanism for a remote user to use single identity and password to access multi-server network architecture without repetitive registration and various multi-server authentication schemes have been proposed in recent years. Recently, Tsaur et al. proposed an efficient and secure smart card based user authentication and key agreement scheme for multi-server environments. They claimed that their scheme satisfies all of the requirements needed for achieving secure password authentication in multi-server environments and gives the formal proof on the execution of the proposed authenticated key agreement scheme. However, we find that Tsaur et al.`s scheme is still vulnerable to impersonation attack and many logged-in users` attack. We propose an extended scheme that not only removes the aforementioned weaknesses on their scheme but also achieves user anonymity for hiding login user`s real identity. Compared with other previous related schemes, our proposed scheme keeps the efficiency and security and is more suitable for the practical applications.