| Abstract: | In order to meet people's demand for various types of network services, researchers have conducted extensive research on authentication schemes for multi-server architecture. Although various schemes have been proposed, most of them still have safety defects and fail to meet safety requirements. Recently, Haq et al presented an efficient Hash-based authenticated key agreement scheme for multi-server scheme and claimed that their scheme can withstand all well-known attacks. However, we find that their scheme is vulnerable to replay attack, tracking attack and malicious server impersonation user attack. Then we propose an improved scheme. We also analyze the security of the improved scheme and compare with Haq et al's scheme in security and computational efficiency. Furthermore, we use the AVISPA(Automated Validation of Internet Security Protocols and Applications) tool to verify the security of the improved scheme. |
