An Improved Biometric Multi-Server Authentication Scheme for Chang et al.'s Protocol

Azeem Irshad, Shehzad Ashraf Chaudhry, Muhammad Shafiq, Muhammad Usman, Muhammad Asif, Saru Kumari

Research output: Contribution to journalArticlepeer-review

Abstract

The remote authentication has been advancing with the growth of online services being offered on remotely basis. This calls for an optimal authentication framework other than single-server authentication. In this connection, the multi-server authentication architecture has been introduced in the literature that enables the users to avail variety of services of various servers, using a single pair of identity and password. Lately, we have witnessed a few multi-server authentication schemes in the literature, although security with loopholes. One of those multi-server authentication schemes has been presented by Chang et al. recently. Our analysis shows that the Chang et al. is vulnerable to impersonation attack, stolen smart card attack. In this study, we have reviewed the protocol thoroughly, and proposed an improved model, that is resistant to all known and identified attacks. The formal and informal security analysis for proposed model is also presented in this study, besides performance and its evaluation analysis.
Original languageEnglish
Pages (from-to)211-224
JournalInformation Technology and Control
Volume48
Issue number2
DOIs
Publication statusPublished - 25 Jun 2019

Keywords

  • Multiserver authentication
  • cryptanalysis
  • biometrics
  • remote authentication
  • attacks

Fingerprint

Dive into the research topics of 'An Improved Biometric Multi-Server Authentication Scheme for Chang et al.'s Protocol'. Together they form a unique fingerprint.

Cite this