摘要:In this paper aims to suggest advanced and improved scheme by analyzing the vulnerability of userauthentication scheme of Mishra et al'.s in multi-server environment. Mishra et al'.s scheme was developedfrom Chuang et al'.s scheme to prevent user impersonation attacks, smart card theft attacks, denial ofservice attacks and/or server impersonation attacks with user authentication parameter h(PSK), which arevulnerability of Chuang et al'.s scheme. However, the findings indicated that similar flaws were found inMishra et al'.s scheme as well. On the basis of the analysis, this paper suggested that server center issue asingle secret parameter for each application server and biometric information, destination, identifier and timestamp information be added to user's login message to remedy the weakness of the Mishra et al'.s scheme.
