{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,3]],"date-time":"2026-07-03T01:11:41Z","timestamp":1783041101985,"version":"3.54.6"},"reference-count":54,"publisher":"MDPI AG","issue":"7","license":[{"start":{"date-parts":[[2018,7,23]],"date-time":"2018-07-23T00:00:00Z","timestamp":1532304000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Guoai Xu","award":["2018YFB0803600, 2017YFB0801901"],"award-info":[{"award-number":["2018YFB0803600, 2017YFB0801901"]}]},{"name":"Shuming Qiu","award":["CX2018312"],"award-info":[{"award-number":["CX2018312"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>To provide secure communication, the authentication-and-key-agreement scheme plays a vital role in multi-server environments, Internet of Things (IoT), wireless sensor networks (WSNs), etc. This scheme enables users and servers to negotiate for a common session initiation key. Our proposal first analyzes Amin et al.\u2019s authentication scheme based on RSA and proves that it cannot provide perfect forward secrecy and user un-traceability, and is susceptible to offline password guessing attack and key-compromise user impersonation attack. Secondly, we provide that Srinivas et al.\u2019s multi-server authentication scheme is not secured against offline password guessing attack and key-compromise user impersonation attack, and is unable to ensure user un-traceability. To remedy such limitations and improve computational efficiency, we present a multi-server two-factor authentication scheme using elliptic curve cryptography (ECC). Subsequently, employing heuristic analysis and Burrows\u2013Abadi\u2013Needham logic (BAN-Logic) proof, it is proven that the presented scheme provides security against all known attacks, and in particular provides user un-traceability and perfect forward security. Finally, appropriate comparisons with prevalent works demonstrate the robustness and feasibility of the presented solution in multi-server environments.<\/jats:p>","DOI":"10.3390\/s18072394","type":"journal-article","created":{"date-parts":[[2018,7,24]],"date-time":"2018-07-24T02:58:56Z","timestamp":1532401136000},"page":"2394","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":36,"title":["A Multi-Server Two-Factor Authentication Scheme with Un-Traceability Using Elliptic Curve Cryptography"],"prefix":"10.3390","volume":"18","author":[{"given":"Guosheng","family":"Xu","sequence":"first","affiliation":[{"name":"School of CyberSpace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8481-7541","authenticated-orcid":false,"given":"Shuming","family":"Qiu","sequence":"additional","affiliation":[{"name":"School of CyberSpace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China"},{"name":"Elementary Educational College, Jiangxi Normal University, Nanchang 330022, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Haseeb","family":"Ahmad","sequence":"additional","affiliation":[{"name":"Department of Computer Science, National Textile University, Faisalabad 37610, Pakistan"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Guoai","family":"Xu","sequence":"additional","affiliation":[{"name":"School of CyberSpace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Yanhui","family":"Guo","sequence":"additional","affiliation":[{"name":"School of CyberSpace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Miao","family":"Zhang","sequence":"additional","affiliation":[{"name":"School of CyberSpace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Hong","family":"Xu","sequence":"additional","affiliation":[{"name":"High-Tech Research and Development Center, the Ministry of Science and Technology, Beijing 100044, China"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2018,7,23]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"770","DOI":"10.1145\/358790.358797","article-title":"Password authentication with insecure communication","volume":"24","author":"Lamport","year":"1981","journal-title":"Commun. ACM"},{"key":"ref_2","first-page":"1","article-title":"HTTP Authentication: Basic and Digest Access Authentication","volume":"2617","author":"Franks","year":"1999","journal-title":"IETF RFC"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"381","DOI":"10.1016\/j.cose.2004.10.007","article-title":"Secure authentication scheme for session initiation protocol","volume":"24","author":"Yang","year":"2005","journal-title":"Comput. Secur."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"191","DOI":"10.4103\/0256-4602.50703","article-title":"Fingerprint Biometric-based Self-Authentication and Deniable Authentication Schemes for the Electronic World","volume":"26","author":"Khan","year":"2009","journal-title":"IETE Tech. Rev."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"e3019","DOI":"10.1002\/dac.3019","article-title":"A lightweight anonymous authentication scheme for consumer roaming in ubiquitous networks with provable security","volume":"30","author":"Farash","year":"2017","journal-title":"Int. J. Commun. Syst."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Arkko, J., Torvinen, V., Camarillo, G., Niemi, A., and Haukka, T. (2002). Security Mechanism Agreement for SIP Sessions, IETF Internet Draft.","DOI":"10.17487\/rfc3329"},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"165","DOI":"10.1007\/s11042-011-0787-0","article-title":"Elliptic curve cryptography based mutual authentication scheme for session initiation protocol","volume":"66","author":"Arshad","year":"2013","journal-title":"Multimed. Tools Appl."},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Chaudhry, S.A., Khan, I., Irshad, A., Ashraf, M.U., Khan, M.K., and Ahmad, H.F. (2016). A provably secure anonymous authentication scheme for session initiation protocol. Secur. Commun. Netw.","DOI":"10.1002\/sec.1672"},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"66","DOI":"10.1007\/s10916-015-0244-0","article-title":"Cryptanalysis and Improvement of an Improved Two Factor Authentication Protocol for Telecare Medical Information Systems","volume":"39","author":"Chaudhry","year":"2015","journal-title":"J. Med. Syst."},{"key":"ref_10","first-page":"333","article-title":"An Enhanced authenticated key agreement for session initiation protocol","volume":"42","author":"Farash","year":"2013","journal-title":"Inf. Technol. Control"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"1009","DOI":"10.1016\/j.adhoc.2012.01.002","article-title":"An efficient remote user authentication and key agreement protocol for mobile client-server environment from pairings","volume":"10","author":"He","year":"2012","journal-title":"Ad Hoc Netw."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"1423","DOI":"10.1002\/sec.506","article-title":"A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography","volume":"5","author":"He","year":"2012","journal-title":"Secur. Commun. Netw."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Islam, S., and Khan, M. (2014). Cryptanalysis and improvement of authentication and key agreement protocols for telecare medicine information systems. J. Med. Syst., 38.","DOI":"10.1007\/s10916-014-0135-9"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Kumari, S., Karuppiah, M., Das, A.K., Li, X., Wu, F., and Gupta, V. (2017). Design of a secure anonymity-preserving authentication scheme for session initiation protocol using elliptic curve cryptography. J. Ambient Intell. Hum. Comput.","DOI":"10.1007\/s12652-017-0460-1"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"7452","DOI":"10.1109\/ACCESS.2017.2780124","article-title":"A Robust Mutual Authentication Scheme Based on Elliptic Curve Cryptography for Telecare Medical Information Systems","volume":"6","author":"Qiu","year":"2018","journal-title":"IEEE Access"},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"1217","DOI":"10.1109\/TNET.2011.2180922","article-title":"The impact of TLS on SIP server performance: Measurement and modeling","volume":"20","author":"Shen","year":"2012","journal-title":"IEEE\/ACM Trans. Netw."},{"key":"ref_17","unstructured":"Thomas, M. (2001). SIP Security Requirements, IETF Internet Draft. Work In Progress."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"428","DOI":"10.1109\/TDSC.2014.2355850","article-title":"Anonymous two-factor authentication in distributed systems: Certain goals are beyond attainment","volume":"12","author":"Wang","year":"2015","journal-title":"IEEE Trans. Depend. Secur. Comput."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"47","DOI":"10.1002\/dac.1286","article-title":"A new authenticated key agreement for session initiation protocol","volume":"25","author":"Xie","year":"2012","journal-title":"Int. J. Commun. Syst."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"3477","DOI":"10.1007\/s11042-014-1885-6","article-title":"A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography","volume":"74","author":"Zhang","year":"2015","journal-title":"Multimed. Tools Appl."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Qiu, S., Xu, G., Ahmad, H., and Guo, Y. (2018). An enhanced password authentication scheme for session initiation protocol with perfect-forward-secrecy. PLoS ONE, 13.","DOI":"10.1371\/journal.pone.0194072"},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"e3568","DOI":"10.1002\/dac.3568","article-title":"Cryptanalysis and improvement of 2 mutual authentication schemes for Session Initiation Protocol","volume":"31","author":"Qiu","year":"2018","journal-title":"Int. J. Commun. Syst."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"869","DOI":"10.1016\/j.compeleceng.2011.09.015","article-title":"An improved timestamp-based remote user authentication scheme","volume":"37","author":"Awasthi","year":"2011","journal-title":"Comput. Electr. Eng."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"591","DOI":"10.1016\/S0167-4048(03)00709-0","article-title":"Security enhancement for the timestamp-based password authentication scheme using smart cards","volume":"22","author":"Lin","year":"2003","journal-title":"Comput. Secur."},{"key":"ref_25","first-page":"463","article-title":"Enhancement of Timestamp-based User Authentication Scheme with Smart Card","volume":"16","author":"Huang","year":"2014","journal-title":"Int. J. Netw. Secur."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"4629","DOI":"10.1007\/s11277-017-4408-8","article-title":"Cryptanalysis and Improvement of an RSA Based Remote User Authentication Scheme Using Smart Card","volume":"96","author":"Amin","year":"2017","journal-title":"Wirel. Pers. Commun."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"729","DOI":"10.1007\/s11277-013-1039-6","article-title":"Robust Smart Card Authentication Scheme for Multi-server Architecture","volume":"72","author":"Pippal","year":"2013","journal-title":"Wirel. Pers. Commun."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"175","DOI":"10.1007\/s11277-014-2002-x","article-title":"An Enhancement of a Smart Card Authentication Scheme for Multi-server Architecture","volume":"80","author":"Li","year":"2015","journal-title":"Wirel. Pers. Commun."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"6273","DOI":"10.1007\/s11277-017-4476-9","article-title":"A Self-Verifiable Password Based Authentication Scheme for Multi-Server Architecture Using Smart Card","volume":"96","author":"Srinivas","year":"2017","journal-title":"Wirel. Pers. Commun."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"263","DOI":"10.1016\/j.ins.2015.02.010","article-title":"A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks","volume":"321","author":"He","year":"2015","journal-title":"Inf. Sci. Int. J."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"29841","DOI":"10.3390\/s151229767","article-title":"Enhanced two-factor authentication and key agreement using dynamic identities in wireless sensor networks","volume":"15","author":"Chang","year":"2015","journal-title":"Sensors"},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"4767","DOI":"10.3390\/s110504767","article-title":"A secured authentication protocol for wireless sensor networks using elliptic curves cryptography","volume":"11","author":"Chen","year":"2011","journal-title":"Sensors"},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"10081","DOI":"10.3390\/s140610081","article-title":"Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography","volume":"14","author":"Choi","year":"2014","journal-title":"Sensors"},{"key":"ref_34","first-page":"51","article-title":"A new user authentication protocol for wireless sensor networks using elliptic curves cryptography","volume":"2013","author":"Shi","year":"2013","journal-title":"Int. J. Distrib. Sens. Netw."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"1070","DOI":"10.1007\/s12083-014-0285-z","article-title":"An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks","volume":"8","author":"Jiang","year":"2015","journal-title":"Peer-to-Peer Netw. Appl."},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Jung, J., Moon, J., Lee, D., and Won, D. (2017). Efficient and security enhanced anonymous authentication with key agreement scheme in wireless sensor networks. Sensors, 17.","DOI":"10.3390\/s17030644"},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Park, Y., and Park, Y. (2016). Three-factor user authentication and key agreement using elliptic curve cryptosystem in wireless sensor networks. Sensors, 16.","DOI":"10.3390\/s16122123"},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Wang, D., Li, W., and Wang, P. (2018). Measuring Two-Factor Authentication Schemes for Real-Time Data Access in Industrial Wireless Sensor Networks. IEEE Trans. Ind. Inform.","DOI":"10.1109\/TII.2018.2834351"},{"key":"ref_39","doi-asserted-by":"crossref","first-page":"41","DOI":"10.1016\/j.comnet.2014.07.010","article-title":"On the Anonymity of Two-Factor Authentication Schemes for Wireless Sensor Networks: Attacks, Principle and Solutions","volume":"73","author":"Wang","year":"2014","journal-title":"Comput. Netw."},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.adhoc.2014.03.003","article-title":"Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks","volume":"20","author":"Wang","year":"2014","journal-title":"Ad Hoc Netw."},{"key":"ref_41","doi-asserted-by":"crossref","unstructured":"Menezes, A.J. (1993). Elliptic Curve Public Key Cryptosystems, Kluwer Academic Publishers.","DOI":"10.1007\/978-1-4615-3198-2"},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Wang, D., and Wang, P. (2016). Two birds with one stone: Two-factor authentication with security beyond conventional bound. IEEE Trans. Depend. Secur. Comput.","DOI":"10.1109\/TDSC.2016.2605087"},{"key":"ref_43","first-page":"388","article-title":"Differential power analysis","volume":"1666","author":"Kocher","year":"1999","journal-title":"Adv. Cryptol."},{"key":"ref_44","first-page":"203","article-title":"On the power of power analysis in the. real world: A complete break of the KeeLoq code hopping scheme","volume":"Volume 5157","author":"Eisenbarth","year":"2008","journal-title":"Advances in Cryptology-CRYPTO"},{"key":"ref_45","doi-asserted-by":"crossref","first-page":"541","DOI":"10.1109\/TC.2002.1004593","article-title":"Examining smart-card security under the threat of power analysis attacks","volume":"51","author":"Messerges","year":"2002","journal-title":"IEEE Trans. Comput."},{"key":"ref_46","doi-asserted-by":"crossref","unstructured":"Castiglione, A., De Santis, A., Castiglione, A., and Palmieri, F. (2014). An Efficient and Transparent One-Time Authentication Protocol with Non-interactive Key Scheduling and Update. AINA, 351\u2013358.","DOI":"10.1109\/AINA.2014.45"},{"key":"ref_47","doi-asserted-by":"crossref","first-page":"162","DOI":"10.1016\/j.ins.2015.03.070","article-title":"Preserving privacy for free: Efficient and provably secure two-factor authentication scheme with user anonymity","volume":"321","author":"Wang","year":"2015","journal-title":"Inf. Sci."},{"key":"ref_48","first-page":"1242","article-title":"Targeted online password guessing: An underestimated threat","volume":"16","author":"Wang","year":"2016","journal-title":"Proc. ACM CCS"},{"key":"ref_49","doi-asserted-by":"crossref","unstructured":"Wang, D., and Wang, P. (2016, January 26\u201330). On the implications of Zipf\u2019s law in passwords. Proceedings of the 21st European Symposium on Research in Computer Security, Heraklion, Greece.","DOI":"10.1007\/978-3-319-45744-4_6"},{"key":"ref_50","doi-asserted-by":"crossref","first-page":"2776","DOI":"10.1109\/TIFS.2017.2721359","article-title":"Zipf\u2019s Law in Passwords","volume":"12","author":"Wang","year":"2017","journal-title":"IEEE Trans. Inform. Forensics Secur."},{"key":"ref_51","doi-asserted-by":"crossref","unstructured":"Syverson, P.F., and Cervesato, I. (2000). The Logic of Authentication Protocols, FOSAD.","DOI":"10.1007\/3-540-45608-2_2"},{"key":"ref_52","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1145\/77648.77649","article-title":"A logic of authentication","volume":"8","author":"Burrow","year":"1990","journal-title":"ACM Trans. Comput. Syst."},{"key":"ref_53","first-page":"1","article-title":"An efficient and secure authentication and key agreement scheme for session initiation protocol using ECC","volume":"75","author":"Arshad","year":"2014","journal-title":"Multimed. Tools Appl."},{"key":"ref_54","doi-asserted-by":"crossref","unstructured":"Kilinc, H., and Yanik, T. (2013). A survey of SIP authentication and key agreement schemes. IEEE Commun. Surv. Tutor.","DOI":"10.1109\/SURV.2013.091513.00050"}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/18\/7\/2394\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T15:13:50Z","timestamp":1760195630000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/18\/7\/2394"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,7,23]]},"references-count":54,"journal-issue":{"issue":"7","published-online":{"date-parts":[[2018,7]]}},"alternative-id":["s18072394"],"URL":"https:\/\/doi.org\/10.3390\/s18072394","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,7,23]]}}}