Provably secure extended chaotic map-based three-party key agreement protocols using password authentication

This paper presents a novel three-party key agreement protocol using password authentication, which enables each client sharing a long-lived secret only with a trusted server to exchange confidential and authenticated information with another client over an insecure network via the server. The proposed protocol is based on extended chaotic maps and adopts the technique that the clients can publicly exchange the factors for generating the session key without the help of the server such that the numbers of transmissions are reduced. A round-efficient version of the proposed key agreement protocol is also described. Compared to related chaotic map-based approaches, the proposed protocol not only possesses higher security and lower computational cost, but also has fewer transmissions. Additionally, the proposed protocol is proven secure in the random oracle model and realizes optimal in communications.

[1]  Yixian Yang,et al.  Applying Semigroup Property of Enhanced Chebyshev Polynomials to Anonymous Authentication Protocol , 2012 .

[2]  Ljupco Kocarev,et al.  Public-key encryption based on Chebyshev maps , 2003, Proceedings of the 2003 International Symposium on Circuits and Systems, 2003. ISCAS '03..

[3]  Kenneth H. Rosen Elementary Number Theory: And Its Applications , 2010 .

[4]  Juan E. Tapiador,et al.  M2AP: A Minimalist Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, UIC.

[5]  Hung-Min Sun,et al.  Secure key agreement protocols for three-party against guessing attacks , 2005, J. Syst. Softw..

[6]  Cheng-Chi Lee,et al.  An extended chaotic maps-based key agreement protocol with user anonymity , 2011, Nonlinear Dynamics.

[7]  Steven M. Bellovin,et al.  Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[8]  Gene Tsudik,et al.  Refinement and extension of encrypted key exchange , 1995, OPSR.

[9]  Tzonelih Hwang,et al.  Provably secure three-party password-based authenticated key exchange protocol using Weil pairing , 2005 .

[10]  Linhua Zhang Cryptanalysis of the public key encryption based on multiple chaotic systems , 2008 .

[11]  Chia-Mei Chen,et al.  Communication-efficient three-party protocols for authentication and key agreement , 2009, Comput. Math. Appl..

[12]  Victor Shoup,et al.  Sequences of games: a tool for taming complexity in security proofs , 2004, IACR Cryptol. ePrint Arch..

[13]  Qi Xie,et al.  Chaotic maps-based three-party password-authenticated key agreement scheme , 2013, Nonlinear Dynamics.

[14]  Xuexian Hu,et al.  Cryptanalysis and enhancement of a chaotic maps-based three-party password authenticated key exchange protocol , 2014 .

[15]  Cheng-Chi Lee,et al.  A three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps , 2013, Nonlinear Dynamics.

[16]  Mohammad Sabzinejad Farash,et al.  An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps , 2014, Nonlinear Dynamics.

[17]  Patrick Horster,et al.  Undetectable on-line password guessing attacks , 1995, OPSR.

[18]  Giovanni Maria Sacco,et al.  Timestamps in key distribution protocols , 1981, CACM.

[19]  Wayne Patterson Mathematical Cryptology for Computer Scientists and Mathematicians , 1987 .

[20]  Li Gong,et al.  A security risk of depending on synchronized clocks , 1992, OPSR.

[21]  David Pointcheval,et al.  Simple Password-Based Encrypted Key Exchange Protocols , 2005, CT-RSA.

[22]  Mihir Bellare,et al.  Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[23]  Dongho Won,et al.  Attack on the Sun-Chen-Hwang's Three-Party Key Agreement Protocols Using Passwords , 2006, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[24]  Peng Gong,et al.  Cryptanalysis and improvement of a three-party key agreement protocol using enhanced Chebyshev polynomials , 2013, Nonlinear Dynamics.

[25]  Tian-Fu Lee,et al.  Communication-efficient AUTHMAC_DH protocols , 2008, Comput. Stand. Interfaces.

[26]  Sarvar Patel,et al.  Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman , 2000, EUROCRYPT.

[27]  William Stallings,et al.  Cryptography and Network Security: Principles and Practice , 1998 .

[28]  Cheng-Chi Lee,et al.  A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps , 2012, Nonlinear Dynamics.

[29]  Li Gong,et al.  Optimal authentification protocols resistant to password guessing attacks , 1995, Proceedings The Eighth IEEE Computer Security Foundations Workshop.

[30]  Tzonelih Hwang,et al.  Provably secure and efficient authentication techniques for the global mobility network , 2011, J. Syst. Softw..

[31]  Jerome H. Saltzer,et al.  Protecting Poorly Chosen Secrets from Guessing Attacks , 1993, IEEE J. Sel. Areas Commun..

[32]  Tzonelih Hwang,et al.  Simple password-based three-party authenticated key exchange without server public keys , 2010, Inf. Sci..

[33]  Alfredo De Santis,et al.  Security of public-key cryptosystems based on Chebyshev polynomials , 2004, IEEE Transactions on Circuits and Systems I: Regular Papers.

[34]  Hung-Min Sun,et al.  Improvement of a novel mutual authentication scheme based on quadratic residues for RFID systems , 2008, 2009 Joint Conferences on Pervasive Computing (JCPC).

[35]  Hung-Min Sun,et al.  Three-party encrypted key exchange: attacks and a solution , 2000, OPSR.

[36]  T. J. Rivlin The Chebyshev polynomials , 1974 .