Security and Communication Networks

Research Article

Improved ECC-Based Three-Factor Multiserver Authentication Scheme

The summary of authentication schemes.


Scheme	Cryptographic techniques	Limitations

Pippal et al. [27]	(1) Utilized one-way hash function (2) Based on Diffie–Hellman problem (3) Based on smart card	(1) Does not resist impersonation attacks (2) Does not resist internal attacks

Li et al. [31]	(1) Utilized one-way hash function (2) Based on Diffie–Hellman problem (3) Based on smart card	(1) Does not resist password-guessing attacks (2) Does not resist impersonation attacks (3) Does not resist internal attacks (4) Does not resist smart card theft attacks (5) Does not support user anonymity

Kumari et al. [32]	(1) Based on biometrics (2) Utilized one-way hash function (3) Based on anonymous authentication	(1) Does not support user anonymity (2) Does not resist man-in-the-middle attacks

Feng et al. [33]	(1) Utilized ECC (2) Based on smart card (3) Based on biometrics	(1) Does not provide three-factor secrecy (2) Does not resist known session-specific temporary information attack

Ali and Pal [34]	(1) Utilized ECC (2) Three-factor security (3) Based on data encryption scheme	(1) Does not resist impersonation attacks (2) Does not resist internal attacks (3) Does not provide forward secrecy (4) Does not provide three-factor secrecy (5) Does not resist known session-specific temporary information attack

Wang et al. [36]	(1) Utilized ECC (2) Based on biometrics (3) Based on data encryption scheme	(1) Does not resist impersonation attacks (2) Does not resist known session-specific temporary information attack