Abstract
With the increasing number of users and the emergence of different types of network services, a multi-server architecture has emerged in recent years. In order to ensure the secure communication of Internet participants in an open network environment, the authentication and key agreement protocol for multi-server architectures were proposed in the past. In 2018, Chatterjee et al. put forward a lightweight three-factor authentication and key agreement protocol for a multi-server environment, and they claimed that all known security features with satisfactory performance could be realized in their protocol. However, it is found that their scheme is vulnerable to user impersonation attacks and cannot achieve user un-traceability and three-factor security through our cryptanalysis. In order to solve these shortcomings, we propose a new lightweight and anonymous three-factor authentication scheme for the multi-server environment in this article. Furthermore, the proposed protocol is proved to be AKE secure theoretically, and we use BAN-logic to prove that our protocol realizes mutual authentication between communication participants. Finally, we show that our proposed scheme is practical and efficient through the comparison of security features and performance.
Highlights
In the past two decades, people’s lives have changed significantly because of the development of the Internet
Step 12: According Step 11, A5 and jurisdiction rule, we prove Goal 1: Ui ≡. It can be seen from Goal 1, Goal 2, Goal 3, and Goal 4 that the mutual authentication between user Ui and server Sj is completed, and the session key SK trusted by both parties is reached
In 2018, Chatterjee et al published an authentication protocol based on an extended Chebyshev chaotic map for multi-server environments
Summary
In the past two decades, people’s lives have changed significantly because of the development of the Internet. In the research process of authentication and key agreement protocol, these schemes need to improve the security (such as introducing biological information as the security factor) and should have better performance to adapt to the more practical environment, such as wireless sensor network, body area network, and so on. Chatterjee et al proposed a three-factor authentication and key agreement protocol based on an extended chaotic map for the multi-server environment in 2018 [30] and claimed that the protocol could achieve all known security features with satisfactory performance. (3) In the login and authentication phase, the requester has a complete set of legal ID, password, smart card, and biological information, which is the necessary condition to generate legal login request information In this way can we ensure the correctness of users’ identity and resist the user impersonation attacks. (3) The proposed protocol is proved to be AKE secure theoretically, and we use BAN-logic to prove that our protocol realizes mutual authentication between communication participants (4) Through the comparison of security features and performance, it can be found that our proposed scheme is excellent and practical
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
