Abstract
In 2012, Li et al. analyzed Lee et al.'s multi-server authentication scheme and proposed a novel authentication scheme. They claimed that their scheme can satisfy all of the essential requirements for multi-server environments. However, we find that Li et al.'s scheme is still vulnerable to stolen smart card attack and off-line password guessing attack. Furthermore, we propose an improved authentication scheme for multi-server environments which not only maintains the merits of Li et al.'s scheme but also remedies the security weaknesses mentioned above. Through the security analysis and performance analysis, we demonstrate that our improved scheme is more secure against many cryptographic attacks, and achieves a tradeoff between the performance and the security. As a result, the proposed scheme seems to be more simple and efficient, and more suitable for users with portable mobile devices in multi-server environments.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
