Recently Ying and Nayak proposed a multi-server supported lightweight authentication protocol for 5G networks and confirmed the security of their protocol against all prominent attacks. Nevertheless, this paper will show certain shortcomings in their protocol, like vulnerability against identity guessing, password guessing, and user impersonation attacks. Additionally, it lacks in rendering strong user anonymity and truly two-factor security. Following the crypt-analysis, we propose an improved multi-server authentication protocol, that resists all recognized attacks, including these traps. The formal analysis using broadly accepted BAN-logic assures that the proposed protocol provides mutual authentication among the user and service-providing server. Additionally, the automated verification using the “Automated Validation of Internet Security Protocols and Applications” (AVISPA) tool asserts that improved protocol is safe toward active attacks. The performance comparison with the Ying-Nayak's protocol is evident that the proposed protocol is efficient concerning computational complexity and communication costs.

最近，Ying和Nayak提出了一种用于5G网络的多服务器支持的轻量认证协议，并确认了其协议针对所有主要攻击的安全性。尽管如此，本文仍将显示其协议中的某些缺点，例如针对身份猜测，密码猜测和用户假冒攻击的漏洞。此外，它缺乏提供强大的用户匿名性和真正的两因素安全性的功能。在进行密码分析之后，我们提出了一种改进的多服务器身份验证协议，该协议可抵抗所有公认的攻击，包括这些陷阱。使用广泛接受的BAN逻辑的形式分析确保了所提出的协议在用户和提供服务的服务器之间提供了相互认证。另外，使用“ Internet安全协议和应用程序的自动验证”（AVISPA）工具进行的自动验证断言，改进的协议对于主动攻击是安全的。与Ying-Nayak协议的性能比较表明，该协议在计算复杂度和通信成本方面是有效的。