A Robust Password-Based Multi-Server Authentication Scheme
This work addresses security vulnerabilities in password-based authentication for multi-server systems, but it is incremental as it builds on and fixes prior schemes.
The paper identifies that Tsai et al.'s multi-server authentication scheme is vulnerable to undetectable online password guessing attacks, allowing adversaries to perform major cryptographic attacks, and proposes an improved scheme to overcome these defects.
In 2013, Tsai et al. cryptanalyzed Yeh et al. scheme and shown that Yeh et al., scheme is vulnerable to various cryptographic attacks and proposed an improved scheme. In this poster we will show that Tsai et al., scheme is also vulnerable to undetectable online password guessing attack, on success of the attack, the adversary can perform all major cryptographic attacks. As apart of our contribution, we have proposed an improved scheme which overcomes the defects in Tsai et al. and Yeh et al. schemes.