Secure and Efficient Password-based Authenticated Key Exchange Protocol for Two-Server Architecture

A great part of protocols for password-based authenticated key exchange system are designed for a single- server environment where all the information about legitimate users is stored in one server. Therefore, a credential weakness is existed in this approach because the user´s password is exposed if this server is ever compromised. In 2006, Yang et al. proposed a practical two-server authenticated key exchange system which split user´s password into two and store them into the servers respectively. They also extended the basic two-server model to an architecture in which multiple service servers were supported by single control server, but they didn´t demonstrate an adequate protocol in the extended model. In this paper, we present a protocol which is suitable for the extended model. In addition, we describe that our proposed protocol is robust against various known attacks and has a user-friendness.