Robust Biometrics-based Key Agreement Scheme with Smart Cards towards a New Architecture

In a traditional single server authentication scheme, if a user wishes to access network services from different servers, the user has to register with these servers separately. To handle this issue, multi-server authentication scheme has been proposed. Multi-server authenticated key agreement (MSAKA) protocols allow the user to register at the registration center (RC) once and can access all the permitted services provided by the eligible servers. In other words, users do not need to register at numerous servers repeatedly. However, MSAKA schemes are created with defects about the centralized registration center architecture. This architecture will make the centralized registration center become unsafe and have to deal with many registered and authenticated tasks. So the paper spares no effort to eliminate three problems: single-point of security, single-point of efficiency and single-point of failure. Based on these motivations, it is firstly proposed a new multiple servers to server architecture (MSTSA) to solve the problems caused by centralized registration center. Then a provably secure and robust biometrics-based Multiple Servers to Server authentication with key agreement scheme is presented using chaotic maps with smart cards. Security of the protocol is based on the computational infeasibility of solving Chaotic Maps-Based Discrete Logarithm problem (CMBDLP), Chaotic Maps-Based Diffie-Hellman problem (CMBDHP) and a secure symmetric encryption. At the same time the proposed scheme can not only refrain from consuming modular exponential computing and scalar multiplication on an elliptic curve, but is also robust to various attacks and achieves perfect forward secrecy with adjusting different server as a registration center for adapting to different users interests.