Design and analysis of a three party password-based authenticated key exchange protocol using extended chaotic maps

An efficient and secure ECM-3PAKE protocol with key confirmation is proposed.The proposed protocol is designed using extended chaotic maps and smartcard.The proposed protocol is provably secure in the random oracle model.The results of AVISPA show that our protocol resists active and passive attacks.The protocol is secure and computation efficient than the existing protocols. Recently, the theory and application of Chebyshev polynomials have been studied extremely by the cryptographic research community; many symmetric and asymmetric cryptographic protocols have been designed based on extended chaotic maps. In this paper, a computation cost efficient and robust three party password-based authenticated key exchange (ECM-3PAKE) protocol with key confirmation has been designed using extended chaotic maps and smartcard. In this protocol, two users can establish a common session key with the help of a trusted server. The proposed protocol is shown to be provably secure in the random oracle model and formally validated through the simulation of Automated Validation of Internet Security Protocols and Applications (AVISPA) software. The simulation results from different model checkers of AVISPA proved that the protocol can withstand the active and passive attacks. Besides, the informal security analysis gives the evidence of security and functional efficiencies of the protocol. In addition, the comparative analysis illustrates that the protocol performs better than the existing protocols.

[1]  Steven M. Bellovin,et al.  Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[2]  Yixian Yang,et al.  Applying Semigroup Property of Enhanced Chebyshev Polynomials to Anonymous Authentication Protocol , 2012 .

[3]  Long-Jye Sheu,et al.  A speech encryption using fractional chaotic systems , 2011 .

[4]  Alfredo De Santis,et al.  Security of public-key cryptosystems based on Chebyshev polynomials , 2004, IEEE Transactions on Circuits and Systems I: Regular Papers.

[5]  Sahadeo Padhye,et al.  A pairing‐free certificateless authenticated key agreement protocol , 2012, Int. J. Commun. Syst..

[6]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[7]  Linhua Zhang Cryptanalysis of the public key encryption based on multiple chaotic systems , 2008 .

[8]  Xingyuan Wang,et al.  Color image encryption using spatial bit-level permutation and high-dimension chaotic system , 2011 .

[9]  Cheng-Chi Lee,et al.  A three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps , 2013, Nonlinear Dynamics.

[10]  Chin-Chen Chang,et al.  Chaotic maps-based password-authenticated key agreement using smart cards , 2013, Commun. Nonlinear Sci. Numer. Simul..

[11]  Vanga Odelu,et al.  A secure effective key management scheme for dynamic access control in a large leaf class hierarchy , 2014, Inf. Sci..

[12]  Alfred Menezes,et al.  Key Agreement Protocols and Their Security Analysis , 1997, IMACC.

[13]  Zhenfeng Zhang,et al.  Chaotic encryption algorithm based on alternant of stream cipher and block cipher , 2011 .

[14]  Wei Zhang,et al.  A chaos-based symmetric image encryption scheme using a bit-level permutation , 2011, Inf. Sci..

[15]  Sk Hafizul Islam,et al.  AN EFFICIENT AND SECURE STRONG DESIGNATED VERIFIER SIGNATURE SCHEME WITHOUT BILINEAR PAIRINGS , 2013 .

[16]  C. Chui,et al.  A symmetric image encryption scheme based on 3D chaotic cat maps , 2004 .

[17]  Chun Chen,et al.  A secure and efficient password‐authenticated group key exchange protocol for mobile ad hoc networks , 2013, Int. J. Commun. Syst..

[18]  Cheng-Chi Lee,et al.  Improving Two Novel Three-Party Encrypted Key Exchange Protocols with Perfect Forward Secrecy , 2010, Int. J. Found. Comput. Sci..

[19]  Xiaomin Wang,et al.  Secure chaotic system with application to chaotic ciphers , 2013, Inf. Sci..

[20]  Sebastian Mödersheim,et al.  The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications , 2005, CAV.

[21]  Di Xiao,et al.  Analysis and improvement of a chaos-based Hash function construction , 2010 .

[22]  Peilin Hong,et al.  Security improvement on an anonymous key agreement protocol based on chaotic maps , 2012 .

[23]  Xingyuan Wang,et al.  Cryptanalysis of an image encryption algorithm using Chebyshev generator , 2014, Digit. Signal Process..

[24]  Sk Hafizul Islam,et al.  Provably secure dynamic identity-based three-factor password authentication scheme using extended chaotic maps , 2014 .

[25]  Yiu-ming Cheung,et al.  Security of public key encryption technique based on multiple chaotic systems , 2005, nlin/0510017.

[26]  B. B. Zaidan,et al.  An Enhanced Security Solution for Electronic Medical Records Based on AES Hybrid Technique with SOAP/XML and SHA-1 , 2013, Journal of Medical Systems.

[27]  Xiaofeng Liao,et al.  A chaos-based hash function with both modification detection and localization capabilities , 2010 .

[28]  G. P. Biswas,et al.  A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem , 2011, J. Syst. Softw..

[29]  Wei-Pang Yang,et al.  A communication-efficient three-party password authenticated key exchange protocol , 2011, Inf. Sci..

[30]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[31]  Kim-Kwang Raymond Choo,et al.  Cryptanalysis of an Improved Smartcard-based Remote Password Authentication Scheme , 2014 .

[32]  Wang Xing-Yuan,et al.  A secure key agreement protocol based on chaotic maps , 2013 .

[33]  Zuowen Tan,et al.  A chaotic maps-based authenticated key agreement protocol with strong anonymity , 2013, Nonlinear Dynamics.

[34]  Sk Hafizul Islam,et al.  A provably secure identity-based strong designated verifier proxy signature scheme from bilinear pairings , 2014, J. King Saud Univ. Comput. Inf. Sci..

[35]  Xingyuan Wang,et al.  An anonymous key agreement protocol based on chaotic maps , 2011 .

[36]  Sahadeo Padhye,et al.  An efficient certificateless two-party authenticated key agreement protocol , 2012, Comput. Math. Appl..

[37]  Debiao He,et al.  Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol , 2012, Nonlinear Dynamics.

[38]  Xing-yuan Wang,et al.  An improved key agreement protocol based on chaos , 2010 .

[39]  Xing-yuan Wang,et al.  A switch-modulated method for chaos digital secure communication based on user-defined protocol , 2010 .

[40]  Xing-yuan Wang,et al.  A chaotic image encryption algorithm based on perceptron model , 2010 .

[41]  Cheng-Chi Lee,et al.  A Computation-Efficient Three-Party Encrypted Key Exchange Protocol , 2012 .

[42]  X. Liao,et al.  An extended method for obtaining S-boxes based on three-dimensional chaotic Baker maps , 2007 .

[43]  Xing-Yuan Wang,et al.  A symmetric image encryption algorithm based on mixed linear-nonlinear coupled map lattice , 2014, Inf. Sci..

[44]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[45]  Ashok Kumar Das,et al.  An Improved and Effective Secure Password-Based Authentication and Key Agreement Scheme Using Smart Cards for the Telecare Medicine Information System , 2013, Journal of Medical Systems.

[46]  X. Liao,et al.  A block cipher with dynamic S-boxes based on tent map , 2009 .

[47]  Cheng-Chi Lee,et al.  A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps , 2012, Nonlinear Dynamics.

[48]  Cheng-Chi Lee,et al.  An extended chaotic maps based user authentication and privacy preserving scheme against DoS attacks in pervasive and ubiquitous computing environments , 2013, Nonlinear Dynamics.

[49]  Qi Xie,et al.  Chaotic maps-based three-party password-authenticated key agreement scheme , 2013, Nonlinear Dynamics.

[50]  Eunjun Yoon,et al.  An efficient and secure Diffie–Hellman key agreement protocol based on Chebyshev chaotic map , 2011 .

[51]  Jianhua Chen,et al.  An Id-Based Three-Party Authenticated Key Exchange Protocol Using Elliptic Curve Cryptography for Mobile-Commerce Environments , 2011, IACR Cryptol. ePrint Arch..

[52]  Mohammad Sabzinejad Farash,et al.  An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps , 2014, Nonlinear Dynamics.

[53]  X. Liao,et al.  One-way Hash function construction based on the chaotic map with changeable-parameter , 2005 .

[54]  Tian-Fu Lee,et al.  Enhancing the security of password authenticated key agreement protocols based on chaotic maps , 2015, Inf. Sci..

[55]  Peng Gong,et al.  Cryptanalysis and improvement of a three-party key agreement protocol using enhanced Chebyshev polynomials , 2013, Nonlinear Dynamics.

[56]  Xiaofeng Liao,et al.  A novel key agreement protocol based on chaotic maps , 2007, Inf. Sci..

[57]  Ma,et al.  Universally Composable Three Party Password-based Key Exchange Protocol , 2009 .

[58]  G. P. Biswas,et al.  Design of improved password authentication and update scheme based on elliptic curve cryptography , 2013, Math. Comput. Model..

[59]  Jiashu Zhang,et al.  Secure group key agreement protocol based on chaotic Hash , 2010, Inf. Sci..

[60]  Xiaofeng Liao,et al.  Using time-stamp to improve the security of a chaotic maps-based key agreement protocol , 2008, Inf. Sci..

[61]  Wen-Chung Kuo,et al.  A new digital signature scheme based on chaotic maps , 2013, Nonlinear dynamics.

[62]  Cheng-Chi Lee,et al.  An extended chaotic maps-based key agreement protocol with user anonymity , 2011, Nonlinear Dynamics.

[63]  Hongjun Liu,et al.  Color image encryption based on one-time keys and robust chaotic maps , 2010, Comput. Math. Appl..