Comments of an Efficient and Secure Multiserver Authentication Scheme With Key Agreement
Recently, Tsaur et al. proposed an authentication scheme for multi-server environments and claimed their scheme could withstand various attacks. In this paper, the authors will point out that Tsaur et al. scheme is not suitable for multi-server environments since the user has to register for every server. Furthermore, they will show Tsaur et al. scheme is vulnerable to the password guessing attack and the privileged insider attack. The authentication protocols using smart cards are widely used in the network communication. To satisfy the application in multi-server environments, the authentication scheme for multi-server environments was proposed.