论文部分内容阅读
If a user wants to acquire different network services from various application servers in a traditional single server environment,the user must register these servers separately and remember different usemames and passwords for different servers.To solve these problems,a lot of authentication schemes for multi-server environment have been proposed.Recently,Odelu and Das et al.proposed a secure multi-server authentication protocol based on smart card,biometric and elliptic curve cryptography (ECC).We firstly analyze Odelu et al.’s scheme and find some flaws as follows:1) the scheme may suffer Denial of Service (Dos) attack and insider attack;2)The scheme doesn’t have strong robustness because improper work of the register center (RC) may lead to the collapse of the whole system;3) There are some design flaws in this scheme.For example,the user cannot choose his/her identity randomly and the register center needs to maintain a data table.In order to solve these problems,this paper proposes a new secure three-factor authentication protocol for multi-server environment based on Chebyshev chaotic map and secure sketch algorithm.To verify the security of the proposed scheme,we simulate our scheme using BAN logic and ProVerif tool.Through a thorough analysis,we can see that the proposed scheme not only has stronger security but also has less computation cost than Odelu et al.’s protocol.