An Improved Biometric Multi-Server Authentication Scheme for Chang et al.'s Protocol

Azeem Irshad, Shehzad Ashraf Chaudhry, Muhammad Shafiq, Muhammad Usman, Muhammad Asif, Saru Kumari

    Research output: Contribution to journalArticlepeer-review

    Abstract

    The remote authentication has been advancing with the growth of online services being offered on remotely basis. This calls for an optimal authentication framework other than single-server authentication. In this connection, the multi-server authentication architecture has been introduced in the literature that enables the users to avail variety of services of various servers, using a single pair of identity and password. Lately, we have witnessed a few multi-server authentication schemes in the literature, although security with loopholes. One of those multi-server authentication schemes has been presented by Chang et al. recently. Our analysis shows that the Chang et al. is vulnerable to impersonation attack, stolen smart card attack. In this study, we have reviewed the protocol thoroughly, and proposed an improved model, that is resistant to all known and identified attacks. The formal and informal security analysis for proposed model is also presented in this study, besides performance and its evaluation analysis.
    Original languageEnglish
    Pages (from-to)211-224
    JournalInformation Technology and Control
    Volume48
    Issue number2
    DOIs
    Publication statusPublished - 25 Jun 2019

    Keywords

    • Multiserver authentication
    • cryptanalysis
    • biometrics
    • remote authentication
    • attacks

    Fingerprint

    Dive into the research topics of 'An Improved Biometric Multi-Server Authentication Scheme for Chang et al.'s Protocol'. Together they form a unique fingerprint.

    Cite this