Abstract: In order to meet the user authentication requirements in a single server environment, this paper designs an authentication protocol that can be used in a multi-server environment. In this paper, an original encryption algorithm, the addition and subtraction puzzle composite operation, was used to encrypt the transmitted information. By cleverly utilizing the Hamming weight of encrypted information itself in the design process of add-subtract compositive operation, the third-party cracking difficulty could be increased without increasing the introduction of parameters. The analysis of the protocol from multiple perspectives shows that the protocol in this paper has better security requirements and lower computational complexity. The simulation experiment supports the theoretical analysis result, that the protocol has better security and can be used in the current multi-server low-cost system.