Provably secure dynamic identity-based three-factor password authentication scheme using extended chaotic maps

With the aim of guaranteeing secure communication through public networks, three-factor password authentication (TF-PWA) scheme plays a key role in many internet applications. Since in TF-PWA scheme, the communicating entities can mutually authenticate each other and generate a shared session key, which will be used for secure exchange of messages in succeeding communication among them. As a result, the TF-PWA schemes gain enormous consideration in recent years. More recently, due to light-weight features of the extended chaotic map, it is also extensively applied in designing of public key encryption, key agreement, image encryption, S-box, hash function, digital signature, password authentication, etc. The aim of this paper was to design a dynamic identity-based three-factor password authentication scheme using extended chaotic map (ECM-TF-PWA) in the random oracle model. The proposed scheme is provably secure based on the intractability assumption of chaotic map-based Diffie–Hellman problem. The informal security analysis gives the evidence that our scheme protects all attacks and provides functionality attributes that are needed in a three-factor authentication system. Besides, the performance discussion shows that our scheme performs better than others in respect of computation and communication cost.

[1]  Xing-yuan Wang,et al.  A chaotic image encryption algorithm based on perceptron model , 2010 .

[2]  Wen-Chung Kuo,et al.  A new digital signature scheme based on chaotic maps , 2013, Nonlinear dynamics.

[3]  Cheng-Chi Lee,et al.  An extended chaotic maps-based key agreement protocol with user anonymity , 2011, Nonlinear Dynamics.

[4]  G. P. Biswas,et al.  Improved remote login scheme based on ECC , 2011, 2011 International Conference on Recent Trends in Information Technology (ICRTIT).

[5]  Chun-Ta Li,et al.  An efficient biometrics-based remote user authentication scheme using smart cards , 2010, J. Netw. Comput. Appl..

[6]  Yiu-ming Cheung,et al.  Security of public key encryption technique based on multiple chaotic systems , 2005, nlin/0510017.

[7]  Peilin Hong,et al.  Security improvement on an anonymous key agreement protocol based on chaotic maps , 2012 .

[8]  Zuowen Tan,et al.  A chaotic maps-based authenticated key agreement protocol with strong anonymity , 2013 .

[9]  Xingyuan Wang,et al.  An anonymous key agreement protocol based on chaotic maps , 2011 .

[10]  Cheng-Chi Lee,et al.  A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps , 2013 .

[11]  Long-Jye Sheu,et al.  A speech encryption using fractional chaotic systems , 2011 .

[12]  X. Liao,et al.  An extended method for obtaining S-boxes based on three-dimensional chaotic Baker maps , 2007 .

[13]  G. P. Biswas,et al.  Design of improved password authentication and update scheme based on elliptic curve cryptography , 2013, Math. Comput. Model..

[14]  Jiashu Zhang,et al.  Secure group key agreement protocol based on chaotic Hash , 2010, Inf. Sci..

[15]  Muhammad Khurram Khan,et al.  Improving the security of 'a flexible biometrics remote user authentication scheme' , 2007, Comput. Stand. Interfaces.

[16]  Alfred Menezes,et al.  Key Agreement Protocols and Their Security Analysis , 1997, IMACC.

[17]  G. P. Biswas,et al.  Comments on ID-Based Client Authentication with Key Agreement Protocol on ECC for Mobile Client-Server Environment , 2011, ACC.

[18]  Wei-Kuan Shih,et al.  Robust elliptic curve cryptography-based three factor user authentication providing privacy of biometric data , 2013, IET Inf. Secur..

[19]  Xiaofeng Liao,et al.  Using time-stamp to improve the security of a chaotic maps-based key agreement protocol , 2008, Inf. Sci..

[20]  C. Chui,et al.  A symmetric image encryption scheme based on 3D chaotic cat maps , 2004 .

[21]  Mohammad Sabzinejad Farash,et al.  An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps , 2014 .

[22]  Ashok Kumar Das Cryptanalysis And Further Improvement Of A Biometric-Based Remote User Authentication Scheme Using Smart Cards , 2011, ArXiv.

[23]  Zhenfeng Zhang,et al.  Chaotic encryption algorithm based on alternant of stream cipher and block cipher , 2011 .

[24]  Ashok Kumar Das,et al.  A Secure and Efficient Uniqueness-and-Anonymity-Preserving Remote User Authentication Scheme for Connected Health Care , 2013, Journal of Medical Systems.

[25]  X. Liao,et al.  One-way Hash function construction based on the chaotic map with changeable-parameter , 2005 .

[26]  Alfredo De Santis,et al.  Security of public-key cryptosystems based on Chebyshev polynomials , 2004, IEEE Transactions on Circuits and Systems I: Regular Papers.

[27]  Cheng-Chi Lee,et al.  An extended chaotic-maps-based protocol with key agreement for multiserver environments , 2013, Nonlinear Dynamics.

[28]  Xiaofeng Liao,et al.  A novel key agreement protocol based on chaotic maps , 2007, Inf. Sci..

[29]  Mohammad Sabzinejad Farash,et al.  Cryptanalysis and improvement of a chaotic map-based key agreement protocol using Chebyshev sequence membership testing , 2014, Nonlinear Dynamics.

[30]  Peng Gong,et al.  Cryptanalysis and improvement of a three-party key agreement protocol using enhanced Chebyshev polynomials , 2013, Nonlinear Dynamics.

[31]  Hideki Imai,et al.  Theoretical framework for constructing matching algorithms in biometric authentication systems , 2009, ICB.

[32]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[33]  Linhua Zhang Cryptanalysis of the public key encryption based on multiple chaotic systems , 2008 .

[34]  Xiaomin Wang,et al.  Chaotic hash-based fingerprint biometric remote user authentication scheme on mobile devices , 2008 .

[35]  Chin-Chen Chang,et al.  Chaotic maps-based password-authenticated key agreement using smart cards , 2013, Commun. Nonlinear Sci. Numer. Simul..

[36]  Dengguo Feng,et al.  An improved smart card based password authentication scheme with provable security , 2009, Comput. Stand. Interfaces.

[37]  J. K. Lee,et al.  Fingerprint-based remote user authentication scheme using smart cards , 2002 .

[38]  Xiaofeng Liao,et al.  A chaos-based hash function with both modification detection and localization capabilities , 2010 .

[39]  G. P. Biswas,et al.  A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem , 2011, J. Syst. Softw..

[40]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[41]  Younghwa An,et al.  Security Analysis and Enhancements of an Effective Biometric-Based Remote User Authentication Scheme Using Smart Cards , 2012, Journal of biomedicine & biotechnology.

[42]  Ashok Kumar Das,et al.  Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards , 2011, IET Inf. Secur..

[43]  Victor Shoup,et al.  Sequences of games: a tool for taming complexity in security proofs , 2004, IACR Cryptol. ePrint Arch..

[44]  Cheng-Chi Lee,et al.  A three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps , 2013 .

[45]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[46]  Ashok Kumar Das,et al.  An Improved and Effective Secure Password-Based Authentication and Key Agreement Scheme Using Smart Cards for the Telecare Medicine Information System , 2013, Journal of Medical Systems.

[47]  Di Xiao,et al.  Analysis and improvement of a chaos-based Hash function construction , 2010 .

[48]  Hung-Min Sun,et al.  Cryptanalysis of a fingerprint-based remote user authentication scheme using smart cards , 2003, IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings..

[49]  Xing-yuan Wang,et al.  An improved key agreement protocol based on chaos , 2010 .

[50]  Xiong Li,et al.  Robust Biometrics Based Three-Factor Remote User Authentication Scheme with Key Agreement , 2013, 2013 International Symposium on Biometrics and Security Technologies.

[51]  Chu-Hsing Lin,et al.  A flexible biometrics remote user authentication scheme , 2004, Comput. Stand. Interfaces.

[52]  Sk Hafizul Islam,et al.  An improved ID - based client authentication with key agreement scheme on ECC for mobile client - server environments , 2012 .

[53]  X. Liao,et al.  A block cipher with dynamic S-boxes based on tent map , 2009 .

[54]  Zhang Rui,et al.  A More Secure Authentication Scheme for Telecare Medicine Information Systems , 2012, Journal of medical systems.

[55]  Debiao He,et al.  Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol , 2012, Nonlinear Dynamics.

[56]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[57]  Cheng-Chi Lee,et al.  An extended chaotic maps based user authentication and privacy preserving scheme against DoS attacks in pervasive and ubiquitous computing environments , 2013 .

[58]  Chun-I Fan,et al.  Provably Secure Remote Truly Three-Factor Authentication Scheme With Privacy Protection on Biometrics , 2009, IEEE Transactions on Information Forensics and Security.

[59]  Qi Xie,et al.  Chaotic maps-based three-party password-authenticated key agreement scheme , 2013 .

[60]  Xiong Li,et al.  Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards , 2011, J. Netw. Comput. Appl..