Skip to Main Content
Recently, Tsai et al. have proposed a multi-server authentication protocol. They claimed their protocol is secure and can withstand various attacks. But we found some security loopholes in the protocol. Accordingly, the current paper demonstrates that Tsaipsilas protocol does not provide perfect forward secrecy and is susceptible to a Denning-Sacco attack and server spoofing. We then present an enhanced protocol to isolate such problems.