Security Analysis of a Dynamic ID-based Authentication Scheme for Multi-server Environment Using Smart Cards

To guarantee secure communications in multi-server environment, Lee et al. proposed a dynamic ID-based remote user authentication scheme using smart card. They also demonstrated that their scheme could withstand various attacks. This paper reviews Lee et al.’s scheme and provides a security analysis on it. Our analysis shows that Lee et al. is vulnerable to the impersonation attack, the server spoofing attack, and the off-line password guessing attack.