A secure chaotic maps-based key agreement protocol without using smart cards

2015 International Conference on Information Networking (ICOIN)

Shen

2015

In order to guarantee secure communications in cloud storage service, we integrated the concept of session key establishment and extended chaotic maps into our proposed method which aims to allow data senders and data receivers to establish a secure common session key through a trusted cloud server over an insecure channel when they wish to share the sensitive data in cloud storage service. Moreover, due to the characteristics of extended chaotic maps and session key establishment, the agreed session key is only known by the communication participants. Therefore, we propose a secure three-party authenticated key exchange protocol (3PAKE) based on extended chaotic maps in cloud storage service without using smart card and timestamp, which requires neither long-term secret keys nor symmetric cryptosystems. According to our security analysis, our proposed protocol not only can achieve many general requirements that 3PAKE protocols should fulfill but also can against various known attacks. In this paper, comparing with other 3PAKE protocols, our proposed protocol is more secure and practical for real environments. Keywords-Three-party authenticated key exchange; Network security; Session key; Cloud storage service; Extended chaotic maps. 978-1-4799-8342-1/15/$31.00 ©2015 IEEE ICOIN 2015 Data sender Cloud server Data receiver

Section: A Previous and Related Work Regarding 3pake Protocolmentioning

confidence: 99%

A secure three-party authenticated key exchange protocol based on extended chaotic maps in cloud storage service

2015 International Conference on Information Networking (ICOIN)

Shen

2015

“…To design a secure authentication scheme, some cryptographic algorithms are also used, such as an RSA cryptosystem [14,15], elliptic curve cryptography [16,17], hash function [18,19], and chaos-based cryptography [20][21][22].…”

Section: Introductionmentioning

confidence: 99%

Improving an Anonymous and Provably Secure Authentication Protocol for a Mobile User

Moon

Security and Communication Networks

Kim

et al. 2017

Recently many authentication protocols using an extended chaotic map were suggested for a mobile user. Many researchers demonstrated that authentication protocol needs to provide key agreement, mutual authentication, and user anonymity between mobile user and server and resilience to many possible attacks. In this paper, we cautiously analyzed chaotic-map-based authentication scheme and proved that it is still insecure to off-line identity guessing, user and server impersonation, and on-line identity guessing attacks. To address these vulnerabilities, we proposed an improved protocol based on an extended chaotic map and a fuzzy extractor. We proved the security of the proposed protocol using a random oracle and AVISPA (Automated Validation of Internet Security Protocols and Applications) tool. Furthermore, we present an informal security analysis to make sure that the improved protocol is invulnerable to possible attacks. The proposed protocol is also computationally efficient when compared to other previous protocols.

“…Guo and Zhang also proposed a new chaotic map-based two-party key agreement protocol without using smart cards. In 2013, the security weakness in the protocol of Guo and Zhang was demonstrated by He and Khan [24], and the improved protocols were proposed by [25] and [26]. Besides, Niu and Wang [27] in 2011 developed a three-party authenticated key agreement protocol using chaotic maps to address the weaknesses of the chaotic map-based protocol developed by Tseng et al [28].…”

Section: Introductionmentioning

confidence: 99%

Efficient three-party authenticated key agreements based on Chebyshev chaotic map-based Diffie–Hellman assumption

2015

Nonlinear Dyn

An efficient and secure three-party authenticated key agreement protocol is proposed to enable two users to establish a common secret key for exchanging confidential and authenticated information with the help of a trusted server. The proposed protocol only employs extended chaotic maps and hash operations, i.e., it does not require a server public key, symmetric cryptosystems, time-consuming modular exponential computations, or time-consuming modular exponential computations and scalar multiplications on elliptic curve. A round-efficient version of the proposed protocol is also implemented by rearranging and sending the messages in parallel. The session security of the proposed protocol is based on the Chebyshev chaotic map-based Diffie-Hellman assumption. Compared to related chaotic map-based approaches, the proposed protocol not only requires lower computational cost, but also has fewer transmissions.