摘要:In the internet environment, it is desirable for a user to login different servers by keying the same password and using the same smart card. This paper proposes an authentication and key agreement scheme with key confirmation for multi-server environments. Compared with the previous authentication and key agreement schemes for multi-server environments, the new scheme holds many merits. It satisfies the following properties: R1. Single registration; R2. User friendly; R3. Prevention of the replay, the password guessing without smart cards, the impersonation and the stolen-verifier attacks; R4. Resistance against server spoofing; R5. Mutual authentication; R6. Two-factor authentication; R7.Resistance against known-key attacks; R8. Perfect forward secrecy; R9. Scalability of login; R10. Anonymity of users.
