Donikena Prashanth, S. Srikanth Reddy, P. Suresh Kumar


While using Burrows-Abad-Needham logic, we reveal that our plan provides secure authentication. Additionally, we simulate our plan for that formal security verification while using broadly recognized and used automated validation of Internet security software methods and programs tool, and reveal that our plan is safe against passive and active attacks. Within this paper, we first evaluate He-Wang’s plan and reveal that their plan is susceptible to a known session specific temporary information attack and impersonation attack. Additionally, we reveal that their plan doesn't provide strong user’s anonymity. In addition, He-Wang’s plan cannot supply the user revocation facility once the wise card shedsOrtaken or user’s authentication parameter is revealed. Aside from these, He-Wang’s plan has some design flaws, for example wrong password login and it is effects and wrong password update during password change phase. Then we propose a brand new secure multi-server authentication protocol using biometric-based wise card and ECC with increased security benefits. Our plan provides high security together with low communication cost, computational cost, and number of security measures. Consequently, our plan is extremely appropriate for battery-limited mobile products as in comparison with He-Wang’s plan.


Security; Authentication; Smart Card; Revocation And Re-Registration; BAN Logic; AVISPA;


T.-Y. Chen, C.-H. Ling and M.-S. Hwang, “Weaknesses of the Yoon–Kim–You remote user authentication scheme using smart cards,” in Proc. IEEE Workshop Electron., Comput. Appl., Ottawa, ON, Canada, May 2014, pp. 771–774.

S. Kumari and M. K. Khan, “Cryptanalysis and improvement of ‘a robust smart-card-based remote user password authentication scheme,”’ Int. J. Commun. Syst., vol. 27, no. 12, pp. 3939–3955, 2014.

D. He. (2011). “Security flaws in a biometrics-based multi-server authentication with key agreement scheme,” IACR Cryptol. ePrint Arch., Tech. Rep. 2011/365, pp. 1–9. [Online]. Available: http://eprint.iacr.org/2011/365.pdf

X. Huang, Y. Xiang, A. Chonka, J. Zhou, and R. H. Deng, “A generic framework for three-factor authentication: Preserving security and privacy in distributed systems,” IEEE Trans. Parallel Distrib. Syst., vol. 22, no. 8, pp. 1390–1397, Aug. 2011.

Q. Zhang, Y. Yin, D.-C. Zhan, and J. Peng, “A novel serial multimodal biometrics framework based on semisupervised learning techniques,” IEEE Trans. Inf. Forensics Security, vol. 9, no. 10, pp. 1681–1694, Oct. 2014.

Full Text: PDF


  • There are currently no refbacks.

Copyright © 2012 - 2021, All rights reserved.| ijitr.com

Creative Commons License
International Journal of Innovative Technology and Research is licensed under a Creative Commons Attribution 3.0 Unported License.Based on a work at IJITR , Permissions beyond the scope of this license may be available at http://creativecommons.org/licenses/by/3.0/deed.en_GB.