This paper presents a comprehensive survey of authenticated key agreement protocols, which have been proposed for multi-server architectures. The growing use of cloud-based services has made multi-server authentication protocols a necessity. For a brief insight into the topic, the break-fix history of these protocols, vital functional and security requirements have been summarized. Protocols are categorized based upon the cryptographic mechanism used. To evaluate the trade-off between security and performance, comprehensive analysis concerning performance and security of multiple protocols, from each category, has been carried out. Some profound results of this survey include: 1) the majority of existing protocols engage the registration server (RS) in the mutual authentication, which results in extra communication overhead and creates a computational bottleneck on RS end. Secondly, majority of the hash-based protocols with offline RS are vulnerable to key compromise impersonation attacks. Thirdly very few schemes consider the efficient and demanded revocation of compromised participants. Finally, among all these protocols, pairing-based designs are the most computationally expensive.

本文介绍了已认证的密钥协商协议的全面调查，该协议已针对多服务器体系结构提出。基于云的服务的日益增长的使用已使多服务器身份验证协议成为必要。为了使您对该主题有一个简短的了解，已经总结了这些协议的破解历史，重要的功能和安全要求。协议根据使用的加密机制进行分类。为了评估安全性和性能之间的权衡，已对每个类别的多种协议的性能和安全性进行了综合分析。这项调查的一些深刻结果包括：1）大多数现有协议都使用注册服务器（RS）中的双向身份验证，这会导致额外的通信开销，并在RS端造成计算瓶颈。其次，大多数具有脱机RS的基于散列的协议都容易受到密钥泄露模拟攻击。第三，很少有方案考虑对受害参与者的有效和要求撤销。最后，在所有这些协议中，基于配对的设计在计算上最昂贵。