Skip to main content
SpringerLink
Log in

A New Efficient Chaotic Maps Based Three Factor User Authentication and Key Agreement Scheme

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

In order to provide secure remote access control, a robust and efficient authentication protocol should achieve mutual authentication and session key agreement between clients and the server over public channels. Recently, Wang et al. proposed a password based authentication protocol using chaotic maps. In this paper, we demonstrate the security of their scheme, and show that Wang et al.’s scheme cannot provide session key agreement and is insecure against denial of service attack for no detecting wrong password in password change. To remedy these issues, we use the techniques of fuzzy extractor and chaotic maps to propose a three-factor remote authentication scheme. The new scheme preserves user privacy and is secure against various attacks. Detailed analysis of previous schemes in efficiency and security shows our proposed scheme is more suitable for practical application.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

References

  1. Arshad, H., & Nikooghadam, M. (2014). Three-factor anonymous authentication and key agreement scheme for telecare medicine information systems. Journal of Medical Systems, 38, 136.

    Article  Google Scholar 

  2. Burnett, A., Byrne, F., Dowling, T., & Duffy, A. (2007). A biometric identity based signature scheme. International Journal of Network Security, 5(3), 317–326.

    Google Scholar 

  3. Chen, H. M., Lo, J. W., & Yeh, C. K. (2012). An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems. Journal of Medical Systems, 36(6), 3907–3915.

    Article  Google Scholar 

  4. Das, M. L., Saxana, A., & Gulati, V. P. (2004). A dynamic ID-based remote user authentication scheme. IEEE Transactions on Consumer Electronics, 50(2), 629–631.

    Article  Google Scholar 

  5. Dodis, Y., Reyzin, L., & Smith, A. (2004). Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In Proceedings of the advances in cryptology (Eurocrypt’04), LNCS 3027 (pp. 523–540).

  6. Dodis, Y., Ostrovsky, R., Reyzin, L., & Smith, A. (2008). Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM Journal on Computing, 38(1), 97–139.

    Article  MathSciNet  MATH  Google Scholar 

  7. Guo, C., & Chang, C. C. (2013). Chaotic maps-based passwordauthenticated key agreement using smart cards. Communications in Nonlinear Science and Numerical Simulation, 18(6), 1433–1440.

    Article  MathSciNet  MATH  Google Scholar 

  8. Hao, X., Wang, J., Yang, Q., Yan, X., & Li, P. (2013). A chaotic map-based authentication scheme for telecare medicine information systems. Journal of Medical Systems, 37(2), 9919.

    Article  Google Scholar 

  9. He, D. B., Chen, J. H., & Zhang, R. (2012). A more secure authentication scheme for telecare medicine information systems. Journal of Medical Systems, 36, 1989–1995.

    Article  Google Scholar 

  10. Hwang, M. S., & Li, L. H. (2000). A new remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics, 46(1), 28–30.

    Article  Google Scholar 

  11. Jiang, Q., Ma, J., Lu, X., & Tian, Y. (2014). Robust chaotic map-based authentication and key agreement scheme with strong anonymity for telecare medicine information systems. Journal of Medical Systems, 38(2), 1–8.

    Article  Google Scholar 

  12. Kocarev, L., & Lian, S. (2011). Chaos-based cryptography: Theory, algorithms and applications. Berlin: Springer.

    Book  MATH  Google Scholar 

  13. Kocher, P., Jaffe, J., & Jun, B. (1999). Differential power analysis. In Advances in cryptology—CRYPTO’99 (pp. 388–397). Springer.

  14. Kohda, T., Tsuneda, A., & Lawrance, A. J. (2000). Correlational properties of Chebyshev chaotic sequences. Journal of Time Series Analysis, 21(2), 181–191.

    Article  MathSciNet  MATH  Google Scholar 

  15. Kumari, S., & Khan, M. K. (2013). More secure smart card based remote user password authentication scheme with user anonymity. Security and Communication Networks, 7, 2039–2053.

    Article  Google Scholar 

  16. Lamport, L. (1981). Password authentication with insecure communication. Communications of the ACM, 24(11), 770–772.

    Article  MathSciNet  Google Scholar 

  17. Lee, C. C., & Hsu, C. W. (2013). A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps. Nonlinear Dynamics, 71, 201–211.

    Article  MathSciNet  Google Scholar 

  18. Li, X., Wen, Q., Li, W., Zhang, H., & Jin, Z. (2014). Secure privacypreserving biometric authentication scheme for telecare medicine information systems. Journal of Medical Systems, 38(11), 139.

    Article  Google Scholar 

  19. Lin, H. (2014). Chaotic map based mobile dynamic ID authenticated key agreement scheme. Wireless Personal Communications, 78(2), 1487–1494. doi:10.1007/s11277-014-1829-5

    Article  Google Scholar 

  20. Lin, H. Y. (2013). Chaotic map based mobile dynamic ID authenticaed key agreement scheme. Wireless Personal Communications., 37(2), 1–5.

    Google Scholar 

  21. Lu, Y., Li, L., Peng, H., & Yang, Y. (2015). An enhanced biometric-based authentication scheme for telecare medicine information systems using elliptic curve cryptosystem. Journal of Medical Systems, 39, 32.

    Article  Google Scholar 

  22. Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smartcard security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.

    Article  MathSciNet  Google Scholar 

  23. Wang, Z., Huo, Z., & Shi, W. (2015). A dynamic identity based authentication scheme using chaotic maps for telecare medicine information systems. Journal of Medical Systems, 39, 158.

    Article  Google Scholar 

  24. Wei, J., Hu, X., & Liu, W. (2012). An improved authentication scheme for telecare medicine information systems. Journal of Medical Systems, 36(6), 3597–3604.

    Article  Google Scholar 

  25. Wu, Z. Y., Lee, Y. C., Lai, F., Lee, H. C., & Chung, Y. (2012). A secure authentication scheme for telecare medicine information systems. Journal of Medical Systems, 36, 1529–1535.

    Article  Google Scholar 

  26. Xiao, D., Liao, X., & Deng, S. (2005). One-way hash function construction based on the chaotic map with changeable-parameter. Chaos, Solitons & Fractals, 241, 65–71.

    Article  MathSciNet  MATH  Google Scholar 

  27. Xiao, D., Liao, X., & Wong, K. (2005). An efficient entire chaos based scheme for deniable authentication. Chaos, Solitons & Fractals, 23, 1327–1331.

    Article  MATH  Google Scholar 

Download references

Acknowledgements

This study was supported by Natural Science Foundation of Zhejiang Province (No. LZ12F02005), National Basic Research Program of China (No. 2013CB834205), and Opening project of Key Laboratory of Public Security Information Application Based on Big-data Architecture, Ministry of Public Security (No. 2014DSJSY004).

Author information

Authors and Affiliations

  1. Key Laboratory of Cryptography and Network Security, Hangzhou Normal University, Hangzhou, China

    Lidong Han, Qi Xie, Wenhao Liu & Shengbao Wang

Authors
  1. Lidong Han
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Qi Xie
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Wenhao Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Shengbao Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Lidong Han.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Han, L., Xie, Q., Liu, W. et al. A New Efficient Chaotic Maps Based Three Factor User Authentication and Key Agreement Scheme. Wireless Pers Commun 95, 3391–3406 (2017). https://doi.org/10.1007/s11277-017-4003-z

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-017-4003-z

Keywords

Search

Navigation