Analysis And Design Of Three-factor Multi-server Authentication Scheme With Anonymity

In the context of the rapid development of network applications,the identity authentication and key agreement protocol under multi-server architecture in the network is the key to realizing remote user authentication.However,many existing solutions suffer potential attacks,lack three-factor security,and ignore anonymity.Therefore,this paper pointed out the defects and proposed an anonymous three-factor scheme.Wen and Chang have improved the problem of insufficient security in the authentication scheme proposed by Liu et al.,but still have not solved the problem of user impersonation attack conducted by malicious server,and lost security attributes such as anonymity and forward security,etc.Therefore,this dissertation pointed out the problems in the scheme of Wen and Chang.A lightweight anonymous three-factor multi-server authentication protocol was proposed.It used fuzzy extractor and fuzzy verifier to protect biometrics and passwords.Through the attacker model,it proved that the scheme can effectively prevent smart-card loss attacks,impersonation attacks,replay attacks,etc.,and provides more functions such as anonymity and forward security.After that,an anonymous three-factor multi-server identity authentication protocol based on elliptic curve cryptography was proposed,which is more secure and more efficient than predecessor protocols of the same type.Moreover,its security is provable using BAN logic.Therefore,they can be applied to multi-server authentication networks that require high security and reliability.The main sections of this paper are organized as follows:Chapter 1 introduces the research background and research status of the three-factor multi-server identity authentication protocol.Chapter 2 introduces the basic principles of identity authentication protocol design,as well as the basic knowledge and tools related to mathematics and cryptography.Chapter 3 reviewed a multi-server authentication scheme proposed by Wen et al.,analyzed its security,pointed out its design errors and potential attacks.Chapter 4 proposes a lightweight improvement scheme based on Hash function.The analysis proves the security features of the protocol and compares it with other protocols.Chapter 5 proposed an anonymous identity authentication protocol based on elliptic curve.The analysis proves the security features of the protocol and compares it with other protocols.Chapter 6 summarize the full text and explore the possible directions for the next step.