An Efficient Two-Server Authentication and Key Exchange Protocol

To avail networked services via insecure channel, it is necessary to establish a symmetric key between two parties. In such a provision, both the end parties demand proper auditing so that resources are legitimately used, and privacies are maintained. To achieve this, there is a need for a robust authentication mechanism. Towards the solution, a number of password-based Diffie-Hellman authentication and key exchange protocols have been reported recently. However, they are vulnerable to many security threats such as manin-the-middle, replay, byzantine, dictionary attacks, etc. This work proposes a password-based two-server authentication and key exchange protocol addressing the major limitations in the existing protocols. The security analysis substantiate that the proposed scheme is provably secure and successfully addressed the existing issues. The performance study contemplates that the overhead of the protocol is reasonable and comparable with other schemes. The proposed protocol can be considered as a robust authentication protocol for a secure access to Cloud services.