论文信息 - Enhanced smartcard-based password-authenticated key agreement using extended chaotic maps

Enhanced smartcard-based password-authenticated key agreement using extended chaotic maps

A smartcard based password-authenticated key agreement scheme enables a legal user to log in to a remote authentication server and access remote services through public networks using a weak password and a smart card. Lin recently presented an improved chaotic maps-based password-authenticated key agreement scheme that used smartcards to eliminate the weaknesses of the scheme of Guo and Chang, which does not provide strong user anonymity and violates session key security. However, the improved scheme of Lin does not exhibit the freshness property and the validity of messages so it still fails to withstand denial-of-service and privileged-insider attacks. Additionally, a single malicious participant can predetermine the session key such that the improved scheme does not exhibit the contributory property of key agreements. This investigation discusses these weaknesses and proposes an enhanced smartcard-based password-authenticated key agreement scheme that utilizes extended chaotic maps. The session security of this enhanced scheme is based on the extended chaotic map-based Diffie-Hellman problem, and is proven in the real-or-random and the sequence of games models. Moreover, the enhanced scheme ensures the freshness of communicating messages by appending timestamps, and thereby avoids the weaknesses in previous schemes.

[1] Jianhua Li,et al. Anonymity Enhancement on Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards , 2010, IEEE Transactions on Industrial Electronics.

[2] Mihir Bellare,et al. Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[3] Yu-Fang Chung,et al. A Secure Authentication Scheme for Telecare Medicine Information Systems , 2012, Journal of Medical Systems.

[4] Xingyuan Wang,et al. An anonymous key agreement protocol based on chaotic maps , 2011 .

[5] Xing-yuan Wang,et al. An improved key agreement protocol based on chaos , 2010 .

[6] Jizhou Sun,et al. Improvements of Juang 's Password-Authenticated Key Agreement Scheme Using Smart Cards , 2009, IEEE Transactions on Industrial Electronics.

[7] Wuu Yang,et al. A Chaotic Maps-Based Key Agreement Protocol that Preserves User Anonymity , 2009, 2009 IEEE International Conference on Communications.

[8] Jianfeng Ma,et al. Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy , 2016 .

[9] Peng Gong,et al. A Secure Biometrics-based Authentication Scheme for Telecare Medicine Information Systems , 2013, Journal of Medical Systems.

[10] Ashok Kumar Das,et al. An Enhanced Biometric Authentication Scheme for Telecare Medicine Information Systems with Nonce Using Chaotic Hash Function , 2014, Journal of Medical Systems.

[11] Peilin Hong,et al. Security improvement on an anonymous key agreement protocol based on chaotic maps , 2012 .

[12] Jianfeng Ma,et al. Improvement of robust smart‐card‐based password authentication scheme , 2015, Int. J. Commun. Syst..

[13] Martín Abadi,et al. A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[14] Yan-yan Wang,et al. A more efficient and secure dynamic ID-based remote user authentication scheme , 2009, Comput. Commun..

[15] Cheng-Chi Lee,et al. An extended chaotic maps-based key agreement protocol with user anonymity , 2011, Nonlinear Dynamics.

[16] Chunhua Su,et al. Two robust remote user authentication protocols using smart cards , 2010, J. Syst. Softw..

[17] Tian-Fu Lee,et al. An Efficient Chaotic Maps-Based Authentication and Key Agreement Scheme Using Smartcards for Telecare Medicine Information Systems , 2013, Journal of Medical Systems.

[18] LinHan-Yu. Chaotic Map Based Mobile Dynamic ID Authenticated Key Agreement Scheme , 2014 .

[19] Mohammad S. Obaidat,et al. An anonymous and provably secure authentication scheme for mobile user , 2016, Int. J. Commun. Syst..

[20] Linhua Zhang. Cryptanalysis of the public key encryption based on multiple chaotic systems , 2008 .

[21] Chin-Chen Chang,et al. Chaotic maps-based password-authenticated key agreement using smart cards , 2013, Commun. Nonlinear Sci. Numer. Simul..

[22] Ljupco Kocarev,et al. Public-key encryption based on Chebyshev maps , 2003, Proceedings of the 2003 International Symposium on Circuits and Systems, 2003. ISCAS '03..

[23] Athanasios V. Vasilakos,et al. An Enhanced Mobile-Healthcare Emergency System Based on Extended Chaotic Maps , 2013, Journal of Medical Systems.

[24] Xiong Li,et al. Security Analysis and Improvement of ‘a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System’ , 2015, PloS one.

[25] Alfredo De Santis,et al. Security of public-key cryptosystems based on Chebyshev polynomials , 2004, IEEE Transactions on Circuits and Systems I: Regular Papers.

[26] David Pointcheval,et al. Password-Based Authenticated Key Exchange in the Three-Party Setting , 2005, Public Key Cryptography.

[27] Wen-Shenq Juang,et al. Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards , 2008, IEEE Transactions on Industrial Electronics.

[28] Tsung-Hung Lin,et al. A Secure and Efficient Password-Based User Authentication Scheme Using Smart Cards for the Integrated EPR Information System , 2013, Journal of Medical Systems.

[29] Sk Hafizul Islam,et al. Provably secure dynamic identity-based three-factor password authentication scheme using extended chaotic maps , 2014 .

[30] Mohammad Sabzinejad Farash,et al. An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps , 2014, Nonlinear Dynamics.

[31] Han-Yu Lin,et al. Improved chaotic maps-based password-authenticated key agreement using smart cards , 2015, Commun. Nonlinear Sci. Numer. Simul..

[32] Debiao He,et al. Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol , 2012, Nonlinear Dynamics.

[33] Han-Yu Lin,et al. Chaotic Map Based Mobile Dynamic ID Authenticated Key Agreement Scheme , 2014, Wirel. Pers. Commun..

[34] Cheng-Chi Lee,et al. A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps , 2012, Nonlinear Dynamics.

[35] Chun-Ta Li,et al. A new password authentication and user anonymity scheme based on elliptic curve cryptography and smart card , 2013, IET Inf. Secur..

[36] Qinghai Yang,et al. A Chaotic Map-based Authentication Scheme for Telecare Medicine Information Systems , 2013, Journal of Medical Systems.

[37] Jue-Sam Chou,et al. A Novel Mutual Authentication Scheme Based on Quadratic Residues for RFID Systems , 2009, IACR Cryptol. ePrint Arch..

[38] Victor Shoup,et al. Sequences of games: a tool for taming complexity in security proofs , 2004, IACR Cryptol. ePrint Arch..

[39] Xiaofeng Liao,et al. A novel key agreement protocol based on chaotic maps , 2007, Inf. Sci..

[40] Fengtong Wen,et al. A Robust Uniqueness-and-Anonymity-Preserving Remote User Authentication Scheme for Connected Health Care , 2013, Journal of Medical Systems.

[41] Sarvar Patel,et al. Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman , 2000, EUROCRYPT.

[42] Ping Wang,et al. Anonymous Two-Factor Authentication in Distributed Systems: Certain Goals Are Beyond Attainment , 2015, IEEE Transactions on Dependable and Secure Computing.

[43] Heba Kamal Aslan. Logical analysis of AUTHMAC_DH: a new protocol for authentication and key distribution , 2004, Comput. Secur..

[44] David Pointcheval,et al. Simple Password-Based Encrypted Key Exchange Protocols , 2005, CT-RSA.

[45] Levente Buttyán,et al. A simple logic for authentication protocol design , 1998, Proceedings. 11th IEEE Computer Security Foundations Workshop (Cat. No.98TB100238).

[46] Song Han,et al. Security of a key agreement protocol based on chaotic maps , 2008 .

[47] Jiashu Zhang,et al. Secure group key agreement protocol based on chaotic Hash , 2010, Inf. Sci..

[48] Chuan-Ming Liu,et al. A Secure Smart-Card Based Authentication and Key Agreement Scheme for Telecare Medicine Information Systems , 2013, Journal of Medical Systems.

[49] Xiaofeng Liao,et al. Using time-stamp to improve the security of a chaotic maps-based key agreement protocol , 2008, Inf. Sci..

[50] J. Dicapua. Chebyshev Polynomials , 2019, Fibonacci and Lucas Numbers With Applications.

[51] Wen-Shenq Juang,et al. Efficient password authenticated key agreement using smart cards , 2004, Comput. Secur..

[52] Anne Strauss,et al. Elementary Number Theory And Its Applications , 2016 .

[53] Chun-I Fan,et al. Robust remote authentication scheme with smart cards , 2005, Comput. Secur..