An ID-based remote user authentication scheme without using smart cards for multi-server environment

Abstract

The issue of remote user authentication scheme using smart cards for multi-server environment has been received much attention recently. Smart cards however are far from ubiquitous since some obstacles have restricted their practical applications. In this paper, we first propose an ID-based remote user authentication scheme without using smart cards for multi-server environment. The proposed scheme uses one-time password authentication to enhance the security of password. Furthermore, self-certified public key (SCK) is introduced to reduce the cost of public key management. The proposed scheme makes security analysis and compares functionality with other schemes. The results show that our scheme not only retains all advantages of robust authentication scheme for multi-server environment but also offers several nice properties such as user’s identity protection and forward secrecy.