• 中国计算机学会会刊
  • 中国科技核心期刊
  • 中文核心期刊

Computer Engineering & Science

Previous Articles     Next Articles

A three-party password authentication key agreement
schemes based on chaotic maps with user anonymity

WANG Caifen,CHEN Li,LIU Chao,QIAO Hui,WANG Huan   

  1. (College of Computer Science and Engineering,Northwest Normal University,Lanzhou 730070,China)
  • Received:2016-08-24 Revised:2016-12-08 Online:2018-03-25 Published:2018-03-25

Abstract:

In the threeparty password authenticated key agreement based on chaotic map, by using week passwords, users can share the session key in order to avoid security threats in the authentication process of a public key infrastructure or storing longterm key. By analyzing the chaotic mapbased password authenticated key agreement protocols proposed by Lee, we find that the agreement cannot change the password. Besides, it can only be applied to the twoway communication between the user and the server. In order to improve this scheme, we propose two useranonymous threeparty password authentication key agreement protocols based on Chebyshev chaotic map: one is based on synchronized clocks, while the other is based on nonces. The protocol based on synchronized clocks has less traffic, while the protocol based on nonces is easier to implement. The advantage of the two protocols is that users selects only one simple password for mutual authentication and key negotiation. The server does not need to protect the user password table, which can avoid the passwordrelated attacks. In addition, in the process of mutual authentication, the user uses a temporary identity and hash function to achieve the user anonymity, while enhancing the security of the protocol and reducing the number of messages in the communication process as well. As a result, the efficiency of the agreement is improved, with perfect forward security. And its security is proven by BAN logic.
 

Key words: chaotic map, anonymous, password authentication, key agreement, Chebyshev polynomials