Research On Three-factor Authentication Scheme For Multi-server Environments Using Elliptic Curve Cryptography

With the rapid development of the network,the application of identity authentication scheme is widely used in various fields.This article detailedly discusses research on three-factor authentication scheme for multi-server environments based on elliptic curve cryptography,and introduce the Hash algorithm and the algorithm of Elliptic Curve Cryptography.This article showed Jongho Moon's scheme and Shehzad Ashraf Chaudhry's scheme were vulnerable to denial of service attacks,user impersonation attack,lack of forward safety,failed to guarantee that the user,the server had a unique identifier,and failed to change password.This article proposes two new three factor authentication protocol based on elliptic curve cryptosystem using the fuzzy extractor.The proposed scheme is verified by Burrows-Abadi-Needham(BAN)logic.Compared with the previous three-factor multi-server authenticated schemes,the proposed scheme is more secure and practical.The main content of this paper are arranged as following:In Chapter 1,we introduce the development of research on three-factor authentication scheme for multi-server environments using elliptic curve cryptography.In Chapter 2,we state the functional goals of the identity authentication protocol,analyze the background knowledge of the three factor,the multi-server environments,the Burrows-Abadi-Needham(ban)logic,the Hash algorithm and the algorithm of Elliptic Curve Cryptography.In Chapter 3,we show Jongho Moon's scheme was vulnerable to denial of service attacks,user impersonation attack,failed to guarantee that the user had a unique identifier,and failed to change password.In Chapter 4,we show Chaudhry's scheme was vulnerable to denial of service attacks,user impersonation attack,failed to guarantee that the server had a unique identifier,lack of forward safety.In Chapter 5,we propose a new three-factor authentication scheme for multi-server environments using elliptic curve cryptography.The registration center does not participate in the certification process.In Chapter 6,we propose a new three-factor authentication scheme for multi-server environments using elliptic curve cryptography.The registration center participates in the certification process.As compared with the previous three-factor multi-server authenticated schemes,the proposed scheme is more secure and practical.In Chapter 7,we summarize the article and expectation research.