A Novel Multiserver Authentication Protocol with Multifactors for Cloud Service

Abstract

Secure and efficient authentication protocols are necessary for cloud service. Multifactor authentication protocols taking advantage of smart card, user’s password, and biometric, are more secure than password-based single-factor authentication protocols which are widely used in practice. However, most of the multiserver authentication protocols may have weak points, such as smart card loss attack, man-in-the-middle attack, anonymity, and high computation cost of authentication center. In order to overcome the above weaknesses, we propose a novel multiserver multifactor authentication protocol based on the Kerberos protocol using the extended Chebyshev chaotic mapping as a cryptographic algorithm. The proposed protocol achieves anonymity without sharing secret keys in advance and needs the user to register with the authentication center only once. Finally, we prove the security of the new protocol with BAN logic and compare it with other multifactor authentication protocols for multiserver environment. The results show that our proposed protocol is more secure and efficient and better for practical application.