摘要:The certification and key agreement protocol in a multiple server environment is a major security issue.Most password authentication schemes in the past are built based on a single server environment where itneeded to be registered on the registration center every time user required server access. However, since2000, there has been a lot of focus on remote user authentication schemes that combine both passwordauthentication and biometric data in a multiple server environment.Recently, Baruah et al.'s paper suggested that there's a lot of flaws to the multiple server key agreementscheme by Mishra et al. and suggested an improved protocol based on biometrics.Baruah et al'.s paper claims that the suggested scheme satisfies all the safety certification of a securityscheme. However, after analyzing the suggested scheme, it was found to be vulnerable to impersonationattack, forward secrecy, man-in-the-middle attack, replay attack and denial of service attack. The followingpaper logically analyzes the vulnerabilities of the authentication scheme suggested by Baruah et al. andattempts to contribute to future structural development of authentication schemes in a multiple serverenvironment.
Loading...
