Improvement on a chaotic map-based mutual anonymous authentication protocol

Chien Ming Chen; Weicheng Fang; Shuai Liu; Tsu Yang Wu; Jeng Shyang Pan; King Hang Wang

doi:10.6688/JISE.201803_34(2).0004

Improvement on a chaotic map-based mutual anonymous authentication protocol

Chien Ming Chen
, Weicheng Fang
, Shuai Liu
, Tsu Yang Wu
, Jeng Shyang Pan
, King Hang Wang^*

^*Corresponding author for this work

Department of Computer Science

Research output: Contribution to journal › Journal article › peer-review

16 Citations (Scopus)

Abstract

Designing a secure anonymous authentication protocol is never an easy task where anonymity and authenticity are sometime conflicting to each other. Zhou et al. addressed the privacy requirement in their proposed three-party password-based authenticated key exchange (3PAKE) protocols using chaotic maps. Unfortunately, in this paper, we show that their protocol is vulnerable to a man-in-the-middle attack, an off-line password guessing attack, and a replay attack. To enhance the security, we propose a secure chaotic map-based 3PAKE protocol with mutual anonymity. Moreover, the security of our protocol is proved in the random oracle model. Also, analysis shows that the proposed scheme is more secure with similar performance.

Original language	English
Pages (from-to)	371-390
Number of pages	20
Journal	Journal of Information Science and Engineering
Volume	34
Issue number	2
DOIs	https://doi.org/10.6688/JISE.201803_34(2).0004
Publication status	Published - Mar 2018

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

SDG 9 Industry, Innovation, and Infrastructure

User-Defined Keywords

Authentication protocol
Chaotic map
Cryptanalysis
Mutual anonymity
Network security

Access to Document

10.6688/JISE.201803_34(2).0004

Cite this

@article{d034c55f15124330b1a5e21e2e2ed571,

title = "Improvement on a chaotic map-based mutual anonymous authentication protocol",

abstract = "Designing a secure anonymous authentication protocol is never an easy task where anonymity and authenticity are sometime conflicting to each other. Zhou et al. addressed the privacy requirement in their proposed three-party password-based authenticated key exchange (3PAKE) protocols using chaotic maps. Unfortunately, in this paper, we show that their protocol is vulnerable to a man-in-the-middle attack, an off-line password guessing attack, and a replay attack. To enhance the security, we propose a secure chaotic map-based 3PAKE protocol with mutual anonymity. Moreover, the security of our protocol is proved in the random oracle model. Also, analysis shows that the proposed scheme is more secure with similar performance.",

keywords = "Authentication protocol, Chaotic map, Cryptanalysis, Mutual anonymity, Network security",

author = "Chen, \{Chien Ming\} and Weicheng Fang and Shuai Liu and Wu, \{Tsu Yang\} and Pan, \{Jeng Shyang\} and Wang, \{King Hang\}",

note = "The work was supported in part by Shenzhen Technical Project under Grant number JCYJ20170307151750788 and in part by Shenzhen Technical Project under Grant number KQJSCX20170327161755. Publisher Copyright: {\textcopyright} 2018 Institute of Information Science. All Rights Reserved.",

year = "2018",

month = mar,

doi = "10.6688/JISE.201803\_34(2).0004",

language = "English",

volume = "34",

pages = "371--390",

journal = "Journal of Information Science and Engineering",

issn = "1016-2364",

publisher = "Institute of Information Science",

number = "2",

}

TY - JOUR

T1 - Improvement on a chaotic map-based mutual anonymous authentication protocol

AU - Chen, Chien Ming

AU - Fang, Weicheng

AU - Liu, Shuai

AU - Wu, Tsu Yang

AU - Pan, Jeng Shyang

AU - Wang, King Hang

N1 - The work was supported in part by Shenzhen Technical Project under Grant number JCYJ20170307151750788 and in part by Shenzhen Technical Project under Grant number KQJSCX20170327161755. Publisher Copyright: © 2018 Institute of Information Science. All Rights Reserved.

PY - 2018/3

Y1 - 2018/3

N2 - Designing a secure anonymous authentication protocol is never an easy task where anonymity and authenticity are sometime conflicting to each other. Zhou et al. addressed the privacy requirement in their proposed three-party password-based authenticated key exchange (3PAKE) protocols using chaotic maps. Unfortunately, in this paper, we show that their protocol is vulnerable to a man-in-the-middle attack, an off-line password guessing attack, and a replay attack. To enhance the security, we propose a secure chaotic map-based 3PAKE protocol with mutual anonymity. Moreover, the security of our protocol is proved in the random oracle model. Also, analysis shows that the proposed scheme is more secure with similar performance.

AB - Designing a secure anonymous authentication protocol is never an easy task where anonymity and authenticity are sometime conflicting to each other. Zhou et al. addressed the privacy requirement in their proposed three-party password-based authenticated key exchange (3PAKE) protocols using chaotic maps. Unfortunately, in this paper, we show that their protocol is vulnerable to a man-in-the-middle attack, an off-line password guessing attack, and a replay attack. To enhance the security, we propose a secure chaotic map-based 3PAKE protocol with mutual anonymity. Moreover, the security of our protocol is proved in the random oracle model. Also, analysis shows that the proposed scheme is more secure with similar performance.

KW - Authentication protocol

KW - Chaotic map

KW - Cryptanalysis

KW - Mutual anonymity

KW - Network security

UR - https://www.scopus.com/pages/publications/85049924812

U2 - 10.6688/JISE.201803_34(2).0004

DO - 10.6688/JISE.201803_34(2).0004

M3 - Journal article

AN - SCOPUS:85049924812

SN - 1016-2364

VL - 34

SP - 371

EP - 390

JO - Journal of Information Science and Engineering

JF - Journal of Information Science and Engineering

IS - 2

ER -

Improvement on a chaotic map-based mutual anonymous authentication protocol

Abstract

UN SDGs

User-Defined Keywords

Access to Document

Other files and links

Fingerprint

Cite this