An improved biometric-based multi-server authentication scheme using smart card

Abstract

To protect the resources from unauthorized users, the remote user authentication have become an essential part in the communication network. Currently, smart card-based remote user authentication for multi-server environment is a widely used and researched method. Remote user authentication for multi-server environment has resolved the problem of users to manage the different identities and passwords. Recently, Mishra et al. proposed a multi-server authenticated key agreement scheme using smart cards, where they claim that their scheme is secure enough and could resist the various well known attacks. However, in this paper, we have shown that their scheme is not secure as they have claimed and can suffer from impersonation attacks and stolen smart card attack. Later in the paper, we propose an improved multi-server authentication scheme using smart cards, which not only overcomes the mentioned weaknesses but also can provide more functionality features.