Comments on “An improved secure and efficient password and chaos-based two-party key agreement protocol”

Recently, Liu and Xue proposed a secure two-party password-based authenticated key exchange protocol by utilizing the semi-group property of the Chebyshev chaotic maps. We exploit the vulnerability of the protocol in this paper by illustrating an off-line password guessing attack. In this attack, the password of a honest user will be recover by an attacker without being noticed by the server or the victim. To overcome such problem, we propose a simple and compatible fix.

[1]  Yu Liu,et al.  An improved secure and efficient password and chaos-based two-party key agreement protocol , 2016 .

[2]  David Pointcheval,et al.  Password-Based Authenticated Key Exchange , 2012, Public Key Cryptography.

[3]  Jiashu Zhang,et al.  Secure group key agreement protocol based on chaotic Hash , 2010, Inf. Sci..

[4]  Xiaofeng Liao,et al.  A novel key agreement protocol based on chaotic maps , 2007, Inf. Sci..

[5]  Ljupco Kocarev,et al.  Public-key encryption based on Chebyshev maps , 2003, Proceedings of the 2003 International Symposium on Circuits and Systems, 2003. ISCAS '03..