A design of provably secure multi-factor ECC-based authentication protocol in multi-server cloud architecture

The emerging cloud infrastructure has escalated number of servers offering flexible and diverse remote services through public channels. However, user authentication in conventional single-server architecture necessitates multiple smart cards maintenance and passwords memorization to access different cloud servers. To address this limitation, researchers devised authentication protocols for multi-server architecture that offers scalable platform wherein users can access multiple servers with single registration. The multi-factor authentication protocols leverage biometric keys to bind users' physical characteristics with their identity, offering higher security than two-factor authentication protocols. However, the existing protocols for multi-server architecture are prone to replay, user impersonation, denial of service, server spoofing attacks and lack security functionalities such as user anonymity and untraceability, backward and forward secrecy, and session key security. Moreover, the incorporation of registration center (RC) to authenticate each pair of user-server in multi-server architecture can lead to computational bottleneck and single-point failure issues on RC. To overcome these security loopholes, we design a novel provably secure multi-factor elliptic curve cryptography (ECC) based authentication protocol for multi-server architecture with offline RC for cloud environment. The formal security analysis under widely accepted real-or-random (ROR) model and informal security analysis of proposed protocol demonstrate provision of security functionalities and resilience against potential security attacks. Furthermore, we adopt Scyther security verification tool to verify our protocol's correctness and security properties. The performance evaluation demonstrates that our protocol offers robust security functionalities with reasonable communication and computation overheads than state-of-the-art protocols.