Password and Smart Card Based User Authentication Mechanism for Multi-Server Environments
Secure user authentication without repeating registration is one of the important issues in multi-server networks that needs to be adequately addressed. Recently, two-factor (smart card and password) based remote user authentication protocols have been widely introduced due to their low constructional cost and convenient usability for the authentication purpose. In 2011, Chang and Cheng proposed a smart card and password based remote login mechanism for multi-server environments. However, in this paper, the authors found that Chang-Cheng's mechanism suffers from susceptibility to security attacks. As a result, they introduced an improved version of smart card based password authentication mechanism in multi-server networks. Compared with other related protocols, performance analysis shows that their proposed mechanism is still cost-efficient for the real application in multi-server environments.