Abstract

With advances in wireless technologies, the study of biometrics-based multi-server authenticated key agreement schemes has gained considerable momentum. Recently, Wang et al. presented a three-factor authentication protocol with key agreement and claimed that their scheme was resistant to several prominent attacks. This paper shows that their protocol is still vulnerable to user impersonation, privileged insider and server spoofing attacks, and that it cannot provide perfect forward secrecy. To remedy these problems, we propose a biometrics-based authentication and key agreement scheme for multi-server environments. Compared with various related schemes, our protocol achieves stronger security and provides more functionality properties. The proposed protocol also performs satisfactorily in terms of storage requirement, communication overhead and computational cost. Thus, our protocol is suitable for expert systems and other multi-server architectures, and is more appropriate for distributed networks.

Highlights

  • Tremendous advancements in wireless technologies enhance the quality of on-line services in distributed networks

  • They let many web users enjoy a variety of helpful on-line services, for example on-line work, on-line medicine and on-line shopping [1, 2]

  • To remedy these problems, we propose a biometric-based authentication and key agreement protocol for multi-server architectures, in order to ensure the confidentiality of sensitive data while web users enjoy decision-making services, such as security auditing and network management in expert systems


Summary

OPEN ACCESS

With advances in wireless technologies, the study of biometrics-based multi-server authenticated key agreement schemes has gained considerable momentum. Wang et al. presented a three-factor authentication protocol with key agreement and claimed that their scheme was resistant to several prominent attacks. This paper shows that their protocol is still vulnerable to user impersonation, privileged insider and server spoofing attacks. Their protocol cannot provide perfect forward secrecy. To remedy these problems, we propose a biometrics-based authentication and key agreement scheme for multi-server environments. Our protocol is suitable for expert systems and other multi-server architectures.

Introduction
Cryptanalysis and improvement of an authenticated key agreement scheme
Threat assumptions
Server registration phase
User registration phase
Login phase
Authentication phase
Password change phase
User impersonation attack
Privileged insider attack
Server spoofing attack
No perfect forward secrecy
The proposed scheme
Analysis of the proposed scheme
Informal security analysis
Formal security analysis
Security analysis with BAN logic
The jurisdiction
Functionality analysis
Efficiency analysis
Comparisons with related schemes
Conclusion
Author Contributions