An improved lightweight multiserver authentication scheme

Azeem Irshad, Shehzad Ashraf Chaudhry, Saru Kumari, Muhammad Usman, Khalid Mahmood, Muhammad Shahzad Faisal

    Research output: Contribution to journal › Article › peer-review


    Multiserver authentication complies with the up‐to‐date requirements of Internet services and the latest applications. The multiserver architecture enables the expedient authentication of subscribers on an insecure channel for the delivery of services. The users rely on a single registration with a trusted third party for the procurement of services from various servers. Recently, Chen and Lee, Moon et al., and Wang et al. presented multiserver key agreement schemes that are found to be vulnerable to many attacks according to our analysis. The Chen and Lee scheme was found susceptible to impersonation attack, trace attack, stolen smart card attack exposing the session key, key‐compromise impersonation attack, and inefficient password modification. The Moon et al. scheme is susceptible to stolen card attack leading to further attacks, i.e., identity guessing, key‐compromise impersonation attack, user impersonation attack, and session key disclosure, while the Wang et al. scheme is also found to be prone to trace attack, session‐specific temporary information attack, key‐compromise information attack, and privileged insider attack leading to session key disclosure and user impersonation attacks. We propose an improved protocol countering the indicated weaknesses of these schemes at an equivalent cost. Our scheme is supported by automated and security analysis on the basis of Burrows‐Abadi‐Needham logic, and we also present the performance evaluation for related schemes.
    Original language: English
    Article number: e3351
    Journal: International Journal of Communication Systems
    Issue number: 17
    Publication status: Published - 4 Jul 2017


    • Multi-server authentication
    • remote authentication
    • biometrics
    • attacks

