A secure dynamic ID based remote user authentication scheme for multi-server environment

Since the number of server providing the facilities for the user is usually more than one, the authentication protocols for multi-server environment are required for practical applications. Most of password authentication schemes for multi-server environment are based on static ID, so the adversary can use this information to trace and identify the user's requests. It is unfavorable to be applied to special applications, such as ecommerce. In this paper, we develop a secure dynamic ID based remote user authentication scheme to achieve user's anonymity. The proposed scheme only uses hashing functions to implement a robust authentication scheme for the multi-server environment. It provides a secure method to update password without the help of third trusted party. The proposed scheme does not only satisfy all requirements for multi-server environment but also achieve efficient computation. Besides, our scheme provides complete functionality to suit with the real applications. © 2007 Elsevier B.V. All rights reserved.