An ECC Based Secure Authentication and Key Exchange Scheme in Multi-server Environment

For providing strong mutual authentication in a multi-server environment many algorithms have been proposed. Most of the algorithms provide mutual authentication between client and multiple servers by using single control server for registration. In this paper, we consider a scenario, in which client and server belong to the different control server. We have proposed a protocol for providing authentication in the multi-control server environment. In our scheme, for strong authentication, we use user's biometric and registered password value in the authentication process. We also use the concept of elliptic curve cryptography to provide security features in our scheme. Furthermore, Burrows-Abadi-Needham logic has been used for formal security analysis in our work. With informal security analysis, we prove that our scheme is secure against popular security attacks likedenial of service attack, man-in-the-middle attack, replay attack and stolen smart card attack.