Improvement in new three-party-authenticated key agreement scheme based on chaotic maps without password table
- 24 Downloads
A three-party-authenticated key agreement (3PAKA) scheme allows two participants to establish shared secure session key (3SK) via trusted server over a public network. Recently, Lee et al. (Nonlinear Dyn 79(4):2485–2495, 2015) proposed a new 3PAKA protocol based on chaotic maps without password table. They claimed that the proposed scheme can establish a common session key among two users with security and users anonymity. Unfortunately, Lee et al.’s scheme is vulnerable to impersonation attack when the adversary is an internal user. Furthermore, in this paper, we will prove that Lee et al.’s scheme cannot guarantee user anonymity. To exhibit these flaws, we apply an automatic protocol verifier tool, Proverif. Therefore, we have put forward some improvements to overcome the weaknesses of Lee et al.’s protocol. We apply Proverif to show that the proposed improvement can satisfy security and authentication properties. The performance analysis shows that the proposed enhancement is efficient.
KeywordsKey agreement protocol Anonymity Chebyshev chaotic map User impersonation attack Protocol security
Compliance with ethical standards
Conflict of interest
The authors declare that they have no conflict of interest.
- 13.Islam, S.H.: Provably secure dynamic identity-based threefactor password authentication scheme using extended chaotic maps. Nonlinear Dyn. 78, 2261–2276 (2014)Google Scholar
- 23.Lee, T.-F.: Verifier-based three-party authentication schemes using extended chaotic maps for data exchange in telecare medicine information systems. Comput. Methods Program Biomed. 117(3), 464–472 (2014)Google Scholar
- 24.Lee, T.-F.: Efficient three-party authenticated key agreements based on Chebyshev chaotic map-based DiffieHellman assumption. Nonlinear Dyn. 81(4), 2071–2078 (2015)Google Scholar
- 27.Lai, H., Xiao, J., Li, L., Yang, Y.: Applying semigroup property of enhanced Chebyshev polynomials to anonymous authentication protocol. Math. Probl. Eng. (2012). https://doi.org/10.1155/2012/454823
- 35.Qi, X., Bin, H., Ke-Fei, C., Wen-Hao, L., Xiao, T.: Chaotic maps and biometrics based anonymous three-party authenticated key exchange protocol without using passwords. Chin. Phys. B. 24(11), 110–505 (2015)Google Scholar