关键词: 多服务器, 身份认证, 安全概略, 切比雪夫多项式, 三因素

Abstract: Compared with single-server authentication scheme, the protocol for multi-server has a lot of advantages such as the user doesn’t need to remember various passwords and register for every application servers. In 2015, Qu Juan et al proposed a new scheme based on chaotic map for multi-server environment. From the analysis, this protocol still has a lot of disadvantages: it is vulnerable to suffer repeat registration attack; the method for processing biometrics is not right; the authentication scheme is not robust; there are some design flaws in this paper. In order to solve these problems, a new three factor authentication scheme based on secure sketch and Chebyshev chaotic map has been proposed. From the analysis, the proposed scheme not only has higher security but also deals with biometric more appropriately than Qu et al’s scheme. Furthermore, an access control method has been introduced in it for the purpose of making different users enjoy different access privileges. At the same time, the proposed scheme can achieve key agreement not only between the user and application servers but also between application servers and the Register Center（RC）.

Key words: multi-server, authentication, secure sketch, Chebyshev chaotic map, three-factor