An Elliptic Curve Cryptography-Based Multi-Server Authentication Scheme Using Cancelable Biometrics

Authentication is a very important element in any secure cryptographic mechanism. For secure authentication between two parties in an open network, various schemes have been proposed. Previously many of them involved communication between clients and a single server and biometrics were not used. Later, to increase the level of security, three-factor authentication schemes involving passwords, biometrics, and smart cards were introduced for secure communication in amulti-server environment. But, majority of these schemes do not provide facility for biometrics update phase. Additionally, these existing schemes are vulnerable to different forms of adverse attacks. Athree-factor-based authentication scheme in amulti-server environment using Elliptic Curve Cryptography (ECC) has been introduced in our paper to remove these kinds of security flaws. In order to prove the validity of the secrecy provided in the proposed scheme, the widely accepted ProVerif tool has been used. We have also discussed informal security analysis of the proposed scheme. Finally, the proposed scheme is compared with existing related schemes based on different performance and security parameters.