A New Verifier-Based Anonymous Password-Authenticated Key Exchange Protocol

In the information age, privacy have aroused wide concern. User identity can be tracked in a public network if it is not stored or transmitted in a secure way. To enhance the security, many anonymous password authenticated key exchange protocols have been proposed to anonymize user’s identity from the server. However, few of them focus on the stolen verifier attacks which assumes a powerful adversary who is accessible to the server’s database or even secret keys. In this paper, we propose a new verifierbased anonymous password-authenticated key exchange protocols. It employs an existed algebraic MAC as verifier to resist such attacks. We also show that the protocol is secure and efficient through analysis.

[1]  SeongHan Shin,et al.  A secure anonymous password-based authentication protocol with control of authentication numbers , 2016, 2016 International Symposium on Information Theory and Its Applications (ISITA).

[2]  Xuexian Hu,et al.  Anonymous Password Authenticated Key Exchange Protocol in the Standard Model , 2017, Wirel. Pers. Commun..

[3]  Yanjiang Yang,et al.  Towards practical anonymous password authentication , 2010, ACSAC '10.

[4]  Zhenfu Cao,et al.  Efficient Password-Based Authentication and Key Exchange Scheme Preserving User Privacy , 2006, WASA.

[5]  Chien-Ming Chen,et al.  On the Security of a Chaotic Maps-based Three-party Authenticated Key Agreement Protocol , 2016, J. Netw. Intell..

[6]  Chien-Ming Chen,et al.  On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags , 2017, The Journal of Supercomputing.

[7]  Kim-Kwang Raymond Choo,et al.  A Provably-Secure and Efficient Verifier-Based Anonymous Password-Authenticated Key Exchange Protocol , 2016, 2016 IEEE Trustcom/BigDataSE/ISPA.

[8]  Xuexian Hu,et al.  Universally composable anonymous password authenticated key exchange , 2016, Science China Information Sciences.

[9]  Jian Weng,et al.  A New Approach for Anonymous Password Authentication , 2009, 2009 Annual Computer Security Applications Conference.

[10]  Wen-Guey Tzeng,et al.  Anonymous Password Based Authenticated Key Exchange with Sub-Linear Communication , 2009, J. Inf. Sci. Eng..

[11]  SeongHan Shin,et al.  Very-Efficient Anonymous Password-Authenticated Key Exchange and Its Extensions , 2009, AAECC.

[12]  King-Hang Wang,et al.  Comments on “An improved secure and efficient password and chaos-based two-party key agreement protocol” , 2016, Nonlinear Dynamics.

[13]  Tsu-Yang Wu,et al.  Cryptanalysis of an Anonymous Mutual Authentication Scheme for Secure Inter-device Communication in Mobile Networks , 2017, IIH-MSP.

[14]  Jeng-Shyang Pan,et al.  A Provable Secure Private Data Delegation Scheme for Mountaineering Events in Emergency System , 2017, IEEE Access.

[15]  Jeng-Shyang Pan,et al.  Improvement on a Chaotic Map-based Mutual Anonymous Authentication Protocol , 2018, J. Inf. Sci. Eng..

[16]  Chien-Ming Chen,et al.  A secure authentication scheme for Internet of Things , 2017, Pervasive Mob. Comput..

[17]  Cheng-Chi Lee,et al.  A novel three-party password-based authenticated key exchange protocol with user anonymity based on chaotic maps , 2017, Soft Computing.

[18]  Xuexian Hu,et al.  Practical Anonymous Password Authentication and TLS with Anonymous Client Authentication , 2016, CCS.

[19]  Jing Yang,et al.  A New Anonymous Password-Based Authenticated Key Exchange Protocol , 2008, INDOCRYPT.