Robust Smart Card Authentication Scheme for Multi-server Architecture

In a traditional single server smart card authentication scheme, one server is responsible for providing services to all the registered remote users. Though if a user wishes to access network services from different servers, he or she has to register with these servers separately. To handle this issue, multi-server authentication scheme has been proposed. However, almost all these schemes available in the literature are exposed to one or the other potential attack. This paper proposes robust multi-server authentication scheme using smart cards. It eliminates the use of verification table and permits the registered remote users to access multiple servers without separate registration. Moreover, users can choose and change the password securely without any assistance from the server or registration center, supports mutual authentication and session key agreement between user and the server. Furthermore, the proposed scheme withstands present potential network attacks. Besides, our scheme is validated by using BAN logic. Comparative analysis of existing schemes with our proposed scheme is also presented in terms of various security features provided and computational complexity.