Abstract
Multi-Server Authentication (MSA) provides the user an efficient way to avail multiple services of various multimedia service providers, once after getting registered from a registration centre. Previously, a user had to register all servers individually to use their respective service; which proves to be a redundant and inefficient procedure in comparison with MSA. Many MSA-based techniques have been put forward by researchers, so far, however with proven pitfalls. In the last few years, the focus has been shifted towards a more flexible and efficient Chebyshev cryptographic technique. In this regard, recently Tan’s scheme presented a chaotic map based multi-server authentication scheme with a focus on login scalability. Nonetheless, Tan’s scheme has been found vulnerable to insider (impersonation attack) and stolen smart card attacks. Besides, the Tan’s scheme fails to differentiate the login requests between the two presented cases. The current study work is based on improving the Tan’s technique in terms of security in almost an equivalent cost. The security for proposed work is evaluated in the performance evaluation section, while it shows that the security is provable under formal security model, as well as using BAN Logic.
Similar content being viewed by others
References
Burrow M, Abadi M, Needham R (1990) A logic of authentication. ACM Trans Comput Syst 8:18–36
Chen YL, Huang CH, Chou JS (2009) A novel multi-server authentication scheme. Cryptology ePrint Archive 91:161–190
Cheong KY, Koshiba T (2007) More on security of public key cryptosystems based on Chebyshev polynomials. IEEE T Circuits-II 54(9):795–799
Chuang M-C, Chen MC (2014) An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics. Expert Syst Appl 41:1411–1418
He D, Wu S (2013) Security flaws in a smart card based authentication scheme for multi-server environment. Wirel Pers Commun 70:1–7
He DB, Chen YT, Chen JH (2012) Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol. Nonlinear Dynamics 69:1149–1157
Hsiang H-C, Shih W-K (2009) Improvement of the secure dynamic id based remote user authentication scheme for multi-server environment. Computer Standards & Interfaces 31(6):1118–1123
Irshad A, Sher M, Faisal MS, Ghani A, Ul Hassan M, Ashraf Ch S (2014) A secure authentication scheme for session initiation protocol by using ECC on the basis of the tang and Liu scheme. Security and Communication Networks 7(8):1210–1218
Irshad A, Sher M, Rehman E, Ch SA, Hassan MU, Ghani A (2015) A single round-trip SIP authentication scheme for voice over internet protocol using smart card. Multimedia Tools and Applications 74(11):3967–3984
Irshad A, Sher M, Chaudhary SA, Naqvi H, Farash MS (2016) An efficient and anonymous multi-server authenticated key agreement based on chaotic map without engaging registration Centre. J Supercomput 72:1–22
Jin ATB, Ling DNC, Goh A (2004) Bio-hashing: two factor authentication featuring fingerprint data and tokenised random number. Pattern Recogn 37(11):2245–2255
Juang WS (2004) Efficient multi-server password authenticated key agreement using smart cards. IEEE Trans Consum Electron 50(1):251–255
Kanso A, Yahyaoui H, Almulla M (2012) Keyed hash function based on a chaotic map. Inf Sci 186:249–264
Lai H, Xiao J, Li L, Yang Y (2012) Applying semi-group property of enhanced Chebyshev polynomials to anonymous authentication protocol. Math Probl Eng. doi:10.1155/2012/454823
Lee TF (2015) Enhancing the security of password authenticated key agreement protocols based on chaotic maps. Inf Sci 290:63–71
Li C-T (2016) A secure chaotic maps-based privacy-protection scheme for multi-server environments. Security and Communication Networks 9:2276
Li L, Lin I, Hwang M (2001) A remote password authentication scheme for multi-server architecture using neural networks. IEEE Trans Neural Netw 12(6):1498–1504
Li X, Xiong YP, Ma J, Wang WD (2012) An efficient and secure dynamic identity based authentication protocol for multi-server architecture using smart cards. J Netw Comput Appl 35(2):763–769
Li X, Niu J, Kumari S, Islam SH, Wu F, Khan MK, Das AK (2016) A novel chaotic maps-based user authentication and key agreement protocol for multi-server environments with provable security. Wirel Pers Commun 89:1–29
Liao YP, Wang SS (2009) A secure dynamic ID based remote user authentication scheme for multi-server environment. Computer Standards & Interfaces 31(1):24–29
Lin C, Hwang MS, Li LH (2003) A new remote user authentication scheme for multi-server architecture. Futur Gener Comput Syst 1(19):13–22
Lu Y, Li L, Peng H, Yang Y (2016) Cryptanalysis and improvement of a chaotic maps-based anonymous authenticated key agreement protocol for multi-server architecture. Security and Communication Networks 9:1321
Lumini A, Loris N (2007) An improved bio-hashing for human authentication. Pattern Recogn 40(3):1057–1065
Mishra D, Das AK, Mukhopadhyay S (2014) A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Syst Appl 41:8129–8143
Niu Y, Wang X (2011) An anonymous key agreement protocol based on chaotic maps. Commun Nonlinear Sci Numer Simul 16:1986–1992
Özkaynak F, Yavuz S (2013) Designing chaotic S-boxes based on time-delay chaotic system. Nonlinear Dynamics 74:551–557
Pippal RS, Jaidhar C, Tapaswi S (2013) Robust smart card authentication scheme for multi-server architecture. Wirel Pers Commun 72:1–17
Qi J, Fushan W, Shuai F, Jianfeng M, Guangsong L, Abdulhameed A (2016) Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy. Nonlinear Dynamics 83(4):2085–2101
Sandeep KS, Sarje AK, Singh K (2011) A secure dynamic identity based authentication protocol for multi-server architecture. J Netw Comput Appl 34(2):609–618
Tan Z (2012) Improvement of smart card based password authentication scheme for multi-server environments. Turk J Electr Eng Comput Sci 20(6):881–900
Tan Z (2016) A privacy-preserving multi-server authenticated key-agreement scheme based on Chebyshev chaotic maps. Security and Communication Networks. doi:10.1002/sec.1424
Tsai JL (2008) Efficient multi-server authentication scheme based on one-way hash function without verification table. Computer Security 27(3–4):115–121
Tsai JL, Lo NW (2015) A chaotic map-based anonymous multi-server authenticated key agreement protocol using smart card. Int J Commun Syst 28(13):1955–1963
Tsai JL, Lo NW, Wu TC (2013) A new password-based multi-server authentication scheme robust to password guessing attacks. Wireless Personal Communications, accepted for publication. doi:10.1007/s11277-012-0918-6.8
Tsaur WJ, Wu CC, Lee WB (2004) A smart card-based remote scheme for password authentication in multiserver internet services. Computer Standards & Interfaces 27:39–51
Tsuar WJ, Wu CC, Lee WB (2001) A flexible user authentication scheme for multi-server internet services. In: Proceedings of first international conference on networking Colmar France, July 9–13, lecture notes in computer science, vol 2093. Springer-Verlag, Berlin, pp. 174–183
Wang B, Ma M (2013) A smart card based efficient and secured multi-server authentication scheme. Wirel Pers Commun 68(2):361–378
Wang X, Zhao J (2010) An improved key agreement protocol based on chaos. Commun Nonlinear Sci Numer Simul 15:4052–4057
Wang X, Zhang W, Guo W, Zhang J (2013) Secure chaotic system with application to chaotic ciphers. Inf Sci 221:555–570
Wong K-W (2003) A combined chaotic cryptographic and hashing scheme. Phys Lett A 307:292–298
Xiao D, Liao X, Deng S (2005a) One-way hash function construction based on the chaotic map with changeable parameter. Chaos, Solitons Fractals 24:65–71
Xiao D, Liao X, Wong K (2005b) An efficient entire chaos based scheme for deniable authentication. Chaos, Solitons Fractals 23:1327–1331
Xiong L, Jianwei N, Zhibo W, Caisen C (2014) Applying biometrics to design three-factor remote user authentication scheme with key agreement. Security and Communication Networks 7(10):1488–1497
Xiong L, Jianwei N, Saru K, Junguo L, Wei L (2015a) An enhancement of a smart card authentication scheme for multi-server architecture. Wirel Pers Commun 80(1):175–192
Xiong L, Jianwei N, Saru K, Muhammad KK, Junguo L, Wei L (2015b) Design and analysis of a chaotic maps-based three-party authenticated key agreement protocol. Nonlinear Dynamics 80(3):1209–1220
Xue KP, Hong PL (2012) Security improvement on an anonymous key agreement protocol based on chaotic maps. Commun Nonlinear Sci Numer Simul 17:2969–2977
Yoon EJ (2012) Efficiency and security problems of anonymous key agreement protocol based on chaotic maps. Commun Nonlinear Sci Numer Simul 17:2735–2740
Zhang L (2008) Cryptanalysis of the public key encryption based on multiple chaotic systems. Chaos, Solitons Fractals 37(3):669–674
Zhao F, Gong P, Li S, Li M, Li P (2013) Cryptanalysis and improvement of a three-party key agreement protocol using enhanced Chebyshev polynomials. Nonlinear Dynamics. doi:10.1007/s11071-013-0979-4
Zhu H (2015) A provable privacy-protection system for multi-server environment. Nonlinear Dynamics 82(1–2):835–849
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Irshad, A., Sher, M., Chaudhry, S.A. et al. An improved and secure chaotic map based authenticated key agreement in multi-server architecture. Multimed Tools Appl 77, 1167–1204 (2018). https://doi.org/10.1007/s11042-016-4236-y
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11042-016-4236-y