“…Many elegant schemes in this area were proposed to address various security and efficiency aspects such as replay attack [2]- [5], parallel session attack [6], mutual authentication [2], [6], [7], necessity of a verification table [2], [7], [8], [10], user impersonation [9]- [12], ID-theft [12]- [14], and communication and computation overhead [2], [4], [7], [10]. However, the preservation of user privacy has been much less investigated with respect to password-based authentication.…”