Remote Three-Factor Authentication Protocol with Strong Robustness for Multi-Server Environment

If a user wants to acquire different network services from various application servers in a traditional single server environment,the user must register these servers separately and remember different usernames and passwords for different servers.To solve these problems,a lot of authentication schemes for multi-server environment have been proposed.Recently,Odelu and Das et al.proposed a secure multi-server authentication protocol based on smart card,biometric and elliptic curve cryptography(ECC) .We firstly analyze Odelu et al.’s scheme and find some flaws as follows:1) the scheme may suffer Denial of Service(Dos) attack and insider attack;2) The scheme doesn’t have strong robustness because improper work of the register center(RC) may lead to the collapse of the whole system;3) There are some design flaws in this scheme.For example,the user cannot choose his/her identity randomly and the register center needs to maintain a data table.In order to solve these problems,this paper proposes a new secure three-factor authentication protocol for multi-server environment based on Chebyshev chaotic map and secure sketch algorithm.To verify the security of the proposed scheme,we simulate our scheme using BAN logic and Pro Verif tool.Through a thorough analysis,we can see that the proposed schemenot only has stronger security but also has less computation cost than Odelu et al.’s protocol.