Your browser does not support JavaScript!

Mitigating the desynchronisation attack in multiserver environment

Mitigating the desynchronisation attack in multiserver environment

For access to this article, please select a purchase option:

Buy eFirst article PDF
(plus tax if applicable)
Buy Knowledge Pack
10 articles for $120.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend Title Publication to library

You must fill out fields marked with: *

Librarian details
Your details
Why are you recommending this title?
Select reason:
IET Communications — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

Currently, every user outsources a huge amount of shared secrets remotely from different servers and utilises synchrony resources. To make all types of operations secure for the end-user, synchronous storage is vital and asynchronous storage might lead to the unavailability of successful services. Hence, a robust authentication scheme is mandatory for such purpose which not only confirms the synchrony of the distributed shared resources but also secure access to shared secrets. So far no one has offered an accurate and flawless secure mechanism despite serious attempts. For this purpose, the authors have designed an improved and robust authentication protocol to ensure the security, integrity, and confidentiality of information and synchrony of shared secrets up to a maximum level. The security of the proposed dynamic mechanism has been verified both formally using random Oracle model and verification toolkit ProVerif2.00 and informally using assumptions and theorems. A delicate balance between security and performance has been shown in the performance analysis section of the study.


    1. 1)
      • 20. Wang, C., Xiao, Z., Zheng, Z.: ‘Cryptanalysis and improvement of a biometric-based multi-server authentication and key agreement scheme’, PLOS ONE, 2016, 11, (2), p. e0149173.
    2. 2)
      • 7. Jiang, Q., Ma, J., Li, G., et al: ‘Improvement of robust smart-card-based password authentication scheme’, Int. J. Commun. Syst., 2015, 28, (1), pp. 383393.
    3. 3)
      • 23. Park, Y., Park, K., Park, Y.: ‘Secure user authentication scheme with novel server mutual verification for multiserver environments’, Int. J. Commun. Syst., 2019.
    4. 4)
      • 3. Mike, B., Desmedt, Y.: ‘A secure and scalable group key exchange system’, Inf. Process. Lett., 2005, 94, (3), pp. 137143.
    5. 5)
      • 24. Paryasto, M.W., Sutikno, S., Arif, S.: ‘Issues in elliptic curve cryptography implementation’, Internetworking Indonesia J., 2009, 1, (1), pp. 2933.
    6. 6)
      • 22. Piro, C., Clay, S., Brian, N.: ‘Detecting the Sybil attack in mobile ad hoc networks’. IEEE SecureComm and Workshops, Baltimore, MD, USA, 2006, pp. 111.
    7. 7)
      • 33. Hess, F.: ‘Efficient identity based signature schemes based on pairings’. Int. Workshop on Selected Areas in Cryptography, Bristol, UK, 2002, pp. 310324.
    8. 8)
      • 21. Canetti, R., Oded, G., Shai, H.: ‘The random oracle methodology, revisited’, J. ACM, 2004, 51, (4), pp. 557594.
    9. 9)
      • 2. Gupta, P.C., Joydip, D.: ‘Hash based multi-server key exchange protocol using smart card’, Wirel. Pers. Commun., 2016, 87, (1), pp. 225244.
    10. 10)
      • 25. Shah, P.G., Huang, X., Sharma, D.: ‘Analytical study of implementation issues of elliptical curve cryptography for wireless sensor networks’. IEEE 24th Int. Conf. on Advanced Information Networking and Applications Workshops, Perth, Australia, 2010, pp. 589592.
    11. 11)
      • 27. Koblitz, N., Alfred, J.: ‘The random Oracle model: a twenty-year retrospective’, Des. Codes Cryptogr., 2015, 77, (2–3), pp. 587610.
    12. 12)
      • 15. Li, X., Niu, J.W., Ma, J., et al: ‘Cryptanalysis and improvement of a biometric-based remote authentication scheme using smart cards’, J. Netw. Comput. Appl., 2011, 34, (1), pp. 7379.
    13. 13)
      • 8. Wang, L.: ‘Analysis and enhancement of a password authentication and update scheme based on elliptic curve cryptography’, J. Appl. Math., 2014, 2014, Article ID 247836, DOI:
    14. 14)
      • 17. Chuang, M.C., Chen, M.C.: ‘An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics’, Expert Syst. Appl., 2014, 41, (4), pp. 14111418.
    15. 15)
      • 4. ElGamal, T.: ‘A public-key cryptosystem and signature scheme based on discrete logarithms’, IEEE Trans. Inf. Theory, 1985, 31, (4), pp. 469472.
    16. 16)
      • 31. Hassan, A., Andrew, A., Omala, , et al: ‘Identity-based user authenticated key agreement protocol for multi-server environment with anonymity’, Mobile Netw. Appl., 2019, 24, (3), pp. 890902.
    17. 17)
      • 19. Chaudhry, S.A., Naqvi, H., Farash, M.S., et al: ‘An improved and robust biometrics-based three-factor authentication scheme for multiserver environments’, J. Supercomput., 2018, 74, (8), pp. 35043520.
    18. 18)
      • 12. Das, A.K., Goswami, A.: ‘A robust anonymous biometric-based remote user authentication scheme using smart cards’, J. King Saud Univ. Comput. Inf. Sci., 2015, 27, (2), pp. 193210.
    19. 19)
      • 13. An, Y.: ‘Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards’, J. Biomed. Biotechnol., 2012, 2012, pp. 16, Article ID 519723, DOI:
    20. 20)
      • 11. Goutham, R.A., Das, A.K., Odelu, V.: ‘An enhanced biometric based authentication with key-agreement protocol for multi-server architecture based on elliptic curve cryptography’, PLOS ONE, 2016, 11, (5), p. e0154308.
    21. 21)
      • 29. Cheon, J.H., Jeong, J., Kim, D.: ‘A reusable fuzzy extractor with practical storage size: modifying Canetti et al.’s construction’. Australasian Conf. on Information Security and Privacy, Seoul, South Korea, 2018, pp. 2844.
    22. 22)
      • 30. Chandrakar, P., Om, H.: ‘A secure and robust anonymous three-factor remote user authentication scheme for a multi-server environment using ECC’, Comput. Commun., 2017, 110, (1), pp. 2634.
    23. 23)
      • 9. Odelu, V., Das, A.K., Goswami, A.: ‘An efficient ECC-based privacy-preserving client authentication protocol with key agreement using smart card’, J. Inf. Secur. Appl., 2015, 21, (1), pp. 119.
    24. 24)
      • 32. Kilinc, H.H., Yanik, T.: ‘A survey of SIP authentication and key agreement schemes’, IEEE Commun. Surv. Tutor., 2013, 16, (2), pp. 10051023.
    25. 25)
      • 14. Das, K.A.: ‘Cryptanalysis and further improvement of a biometric-based remote user authentication scheme using smart cards’, 2011, p. 1103.3159.
    26. 26)
      • 1. Lee, C.C., Lin, T.H., Chang, R.X.: ‘A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards’, Expert Syst. Appl., 2011, 38, (11), pp. 1386313870.
    27. 27)
      • 26. Coron, J., Jacques, P., Yannick, S.: ‘The random Oracle model and the ideal cipher model are equivalent’. Annual Int. Cryptology Conf., Santa Barbra, CA, USA, 2008, pp. 120.
    28. 28)
      • 18. He, D., Wang, D.: ‘Robust biometrics-based authentication scheme for multiserver environment’, IEEE Syst. J., 2014, 9, (3), pp. 816823.
    29. 29)
      • 16. Chang, T., Hwang, M., Yang, W.: ‘Cryptanalysis on an improved version of ElGamal-like public-key encryption scheme for encrypting large messages’, Informatics, 2012, 23, (4), pp. 537562.
    30. 30)
      • 28. Buchegger, S., Boudec, L.: ‘Performance analysis of the confidant protocol’. Proc. 3rd ACM Int. Symp. on Mobile Ad hoc Networking and Computing, Lausanne, Switzerland, 2002, pp. 226236.
    31. 31)
      • 5. Dolev, D., Yao, A.C.: ‘On the security of public key protocols’, IEEE Trans. Inf. Theory, 1983, 29, (2), pp. 198208.
    32. 32)
      • 6. Mishra, D., Das, A.K., Chaturvedi, A., et al: ‘A secure password-based authentication and key agreement scheme using smart cards’, J. Inf. Secur. Appl., 2015, 23, (1), pp. 2843.
    33. 33)
      • 10. Lu, Y., Li, L., Yang, X., et al: ‘Robust biometrics based authentication and key agreement scheme for multi-server environments using smart cards’, PLOS ONE, 2015, 10, (5), p. e0126323.

Related content

This is a required field
Please enter a valid email address