• PDF / 439,855 Bytes
• 8 Pages / 547.087 x 737.008 pts Page_size
• 59 Downloads / 209 Views

DOWNLOAD

REPORT

O R I G I N A L PA P E R

A three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps Cheng-Chi Lee · Chun-Ta Li · Che-Wei Hsu

Received: 21 November 2012 / Accepted: 10 January 2013 / Published online: 23 January 2013 © Springer Science+Business Media Dordrecht 2013

Abstract In this paper, we propose a scheme utilizing three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps, which is more efficient and secure than previously proposed schemes. In order to enhance the efficiency and security, we use the extended chaotic maps to encrypt and decrypt the information transmitted by the user or the server. In addition, the proposed protocol provides user anonymity to guarantee the identity of users, which is transmitted in the insecure public network. Keywords Anonymity · Chaotic maps · Authenticated key exchange · Password-based · Three-party

C.-C. Lee · C.-W. Hsu Department of Library and Information Science, Fu Jen Catholic University, 510 Jhongjheng Rd., Sinjhuang City, New Taipei City 24205, Taiwan, ROC C.-C. Lee e-mail: [email protected] C.-C. Lee Department of Photonics & Communication Engineering, Asia University, No. 500, Lioufeng Road, Wufeng Shiang, Taichung 402, Taiwan, ROC C.-T. Li () Department of Information Management, Tainan University of Technology, 529 Zhongzheng Road, Tainan 710, Taiwan, ROC e-mail: [email protected]

1 Introduction In order to guarantee the security of secret keys which are exchanged over the insecure public network, there are many related protocols [4, 5, 15, 16, 18, 24] which have been proposed by researchers, such as PasswordAuthenticated Key Exchange (PAKE) protocol. PAKE protocol allows two parties to keep one identical memorable password to agree on a common session key over the insecure public network [9, 19, 20, 26]. Generally, password-based authentication can resist both the brute force and the dictionary attacks if users choose strong passwords to provide enough entropy. Nevertheless, password-based authentication has one intrinsic problem: users are not adept in memorizing text strings. Hence, most users would select memorable passwords even if they know the passwords might be unsafe, so that it is not easy to protect the password information against various attacks. According to the protocol proposed by Lin et al. [17], we can divide the attacks into the following classes: • Off-line dictionary attacks: The adversary first guesses a password and then verifies its guess in an off-line mode only by using the eavesdropped information. No participation of the honest client or the server is required, so these attacks cannot be noticed. • Undetectable on-line dictionary attacks: The adversary attempts to verify a password guess in an online transaction. Nevertheless, a failed guess cannot

126

be detected by the honest client or by the server, since one of them is not able to distinguish a malicious request from an honest one. • Detectable on-line dictionary

Recommend Documents

Fuzzy Asymmetric Password-Authenticated Key Exchange

174 39 24MB

An improved lightweight anonymous user authenticated session key exchange scheme for Internet of Things

159 11 2MB

An Efficient Password-Only Two-Server Authenticated Key Exchange System

175 23 486KB

Separating Symmetric and Asymmetric Password-Authenticated Key Exchange

228 52 16MB

Beyond Secret Handshakes: Affiliation-Hiding Authenticated Key Exchange

160 85 9MB

Password-Based Tripartite Key Exchange Protocol with Forward Secrecy

166 52 26MB

Computationally-Efficient Password Authenticated Key Exchange Based on Quadratic Residues

159 56 451KB

Two-Pass Authenticated Key Exchange with Explicit Authentication and Tight Security

158 80 24MB

Heterogeneous Deniable Authenticated Encryption Protocol

185 52 57MB

A Fair-Exchange and Customer-Anonymity Electronic Commerce Protocol for Digital Content Transactions

139 89 7MB

Enhanced Mutual Authentication and Key Exchange Protocol for Wireless Communications

199 117 265KB

Chaotic Foreign Exchange Rates

190 69 46MB