An efficient and secure design of multi-server authenticated key agreement protocol

Azeem Irshad, Husnain Naqvi, Shehzad Ashraf Chaudhry, Shouket Raheem, Saru Kumari, Ambrina Kanwal, Muhammad Usman

    Research output: Contribution to journalArticlepeer-review

    25 Downloads (Pure)


    Multi-server authentication, being a crucial component of remote communication, provides the ease of one-time registration to users from a centralized registration authority. Therefore, the users could avail the offered services after getting authenticated of any service provider using the same registration credentials. In recent years, many multi-server authentication protocols have been demonstrated. Nonetheless, the existing schemes do not meet the security and efficiency requirements of the time. Recently, Chuang et al. presented a multi-server biometric authentication protocol which was later crypt-analysed and improved by Lin et al. with the identification of few attacks. Later, we discover that Lin et al.’s protocol is still prone to replay attack, privileged insider attack, trace attack, de-synchronization attack and key-compromise impersonation attacks. In this study, we present a multi-server authentication protocol which is not only comparable with Lin et al.’s scheme but also efficient than other state-of-the-art multi-server protocols. The security properties of our scheme are proved using formal analysis and evaluated with automated verification tool based on ProVerif.
    Original languageEnglish
    Pages (from-to)4771-4797
    JournalJournal of Supercomputing
    Issue number9
    Publication statusPublished - Sept 2018


    • Multi-server authentication
    • Biometric verification
    • Online service providers
    • Cryptanalysis
    • Attacks


    Dive into the research topics of 'An efficient and secure design of multi-server authenticated key agreement protocol'. Together they form a unique fingerprint.

    Cite this