Abstract
With the rapid development of Internet, lots of transactions are conducted on-line without interactions face to face. A critical issue is to keep these transactions secure and confidential. Since the Internet is a virtual and insecure world, it is rather important to authenticate each other for providing a secure environment. A password- based authenticated key exchange protocol not only allows a user to login remote servers with an easily rememberable password, but also achieves mutual authentication as well. A shared session key is then established for subsequent communication. However, if such protocols are applied in multi-server environments, the system is often vulnerable to password guessing attacks and impersonation attacks. Besides, each user has to remember multiple passwords due to the security concern. In this paper, vie propose an efficient password-based authenticated key exchange protocol with smart cards for multiserver environments. The proposed protocol enables a user to utilize a single password for registration and requesting services of different remote servers. Each server is also unnecessary to maintain a verification table. Moreover, our protocol can dynamically add or remove servers without the assistance of registration center. Compared with previous works, ours not only has better efficiency, but also provides more capabilities.
| Original language | English |
|---|---|
| Pages (from-to) | 1541-1555 |
| Number of pages | 15 |
| Journal | International Journal of Innovative Computing, Information and Control |
| Volume | 8 |
| Issue number | 3 A |
| State | Published - 03 2012 |
Keywords
- Authentication
- Key exchange
- Multi-server
- Password
- Smart card