Two Improved Multi-server Authentication Protocols Based on Hash Function and Smart Card
To use the network services provided by multiple servers in mobile wireless network, recently, Tsai proposed a hash function and smart card based multi-server authentication protocol. Chen et al. showed that Tsai's scheme cannot resist the server spoofing attack, and proposed a novel one. In this paper, the authors show that Chen et al.'s protocol cannot resist off-line password guessing attacks, and propose two improvements of Tsai and Chen et al's protocols, respectively. Two improved protocols have many advantages over existing solutions, as it relies on neither of encryption, signature, verification tables, timestamp, and public keys directory.