A chaotic maps-based authenticated key agreement protocol with strong anonymity

In wireless communication environments, the authenticated key agreement with user anonymity is important. Recently, many chaotic maps-based anonymous authenticated key agreement protocols have been proposed. Tseng et al. applied Chebyshev chaotic maps to propose an anonymous key agreement protocol. Unfortunately, Niu et al. demonstrated that Tseng et al.’s protocol cannot protect the user anonymity and it suffers from insider attacks. Xue et al. improved Tseng et al.’s protocol. However, we have found that their improved protocol still cannot provide strong anonymity and it is vulnerable to the man-in-the-middle attack. To remove these weaknesses, we have proposed a novel chaotic maps-based authenticated key agreement protocol. The proposed protocol cannot only resist these attacks, but also provide strong anonymity.     

An extended chaotic maps-based key agreement protocol with user anonymity

A key agreement protocol is used to derive a shared secure session key by two or more parties, but no party can predetermine the resulting value. Users can securely exchange information over an open network by using the shared session key to encrypt/decrypt secure information. Recently, several key agreement protocols based on chaotic maps are proposed. Xiao et al. proposed a novel key agreement protocol based on chaotic maps and claimed their protocol can resist the known attack which is proposed by Bergamo et al. However, Han et al. and Xiang et al. pointed out that the Xiao et al. protocol is still insecure. To overcome these attacks, we shall propose an extended chaotic maps-based key agreement protocol. The proposed protocol not only can resist these attacks, but also provide mutual authentication and user anonymity.     

Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol

Very recently, Lee et?al. (C.?Lee, C.?Chen, C.?Wu, S.?Huang, An extended chaotic maps-based key agreement protocol with user anonymity, Nonlinear Dynamics, doi:10.1007/s11071-011-0247-4) proposed a chaotic maps-based key agreement protocol with user anonymity and claimed their protocol could resist various attacks. In this paper, we will point out that Lee et?al.??s protocol suffers from three weaknesses: (1)?inability of resisting the privileged insider attack; (2)?inability of resisting the denial-of-service attack; and (3)?inability of providing anonymity. To overcome the weaknesses, we also proposed an improved protocol. The analysis shows our protocol is more suitable for practical applications.     

Provably secure three-party key agreement protocol using Chebyshev chaotic maps in the standard model

Recently, several key agreement protocols based on Chebyshev chaotic maps have been proposed in the literature. However, they can normally achieve “heuristic” security, that is, once drawbacks are found in these protocols, they are either modified to resist the new attacks, or are discarded. Under these circumstances, it is necessary and significant to define standard security models that can precisely characterize the capabilities of the participants and a potent adversary. Hence, we propose to use public key encryption based on enhanced Chebyshev chaotic maps and pseudo-random function ensembles to construct an efficient three-party key agreement protocol under the standard model, in which the adversary is able to make a wider range of queries and have more freedom than the other proposed schemes. In the design of our protocol, we follow the ideas in the recent key agreement protocol of Yang and Cao’s. The proposed protocol is shown to be provably secure if decisional Diffie–Hellman problem, which is based on Chebyshev chaotic maps, is computationally infeasible. To the best of our knowledge, our protocol is the first provably secure 3PAKE protocol using Chebyshev chaotic maps under the standard model.     

A revised key agreement protocol based on chaotic maps

Very recently, Chen et al. proposed a security-enhanced key agreement protocol based on Chebyshev chaotic map. They claimed that the proposed protocol can achieve session key agreement shared among the server and user with security and users anonymity. Although, in this paper, we will prove that Chen et al.’s protocol cannot guarantee security and user anonymity against internal adversary who is a legal user. Furthermore, we give some improvements to dominate the mentioned shortcomings. The analysis shows that our proposed improvements are secure and efficient.     

A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps

Recently, biometric-based remote user authentication schemes along with passwords have drawn considerable attention in research. In 2011, Das proposed an improvement on an efficient biometric-based remote user authentication scheme using smart cards and claimed his scheme could resist various attacks. However, there are some weaknesses in Das’s scheme such as the privileged insider attack and the off-line password guessing attack. Besides, Das’s scheme also cannot provide user anonymity. To overcome these weaknesses, we shall propose a secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps. The proposed scheme not only can resist the above-mentioned attacks, but also provide user anonymity.     

Chaotic maps-based three-party password-authenticated key agreement scheme

Since chaos theory related to cryptography has been addressed widely, many chaotic maps based two-party password-authenticated key agreement (2PAKA) schemes have been proposed. However, to the best of our knowledge, no chaotic maps based three-party password-authenticated key agreement (3PAKA) protocol without using a timestamp has been proposed, yet. In this paper, we propose the first chaotic maps-based 3PAKA protocol without a timestamp. The proposed protocol is not based on the traditional public key cryptosystem but is based on chaotic maps, which not only achieves perfect forward secrecy without using a timestamp, modular exponentiation and scalar multiplication on an elliptic curve, but is also robust to resist various attacks such as password guessing attacks, impersonation attacks, man-in-the-middle attacks, etc.     

Cryptanalysis and enhancement of a chaotic maps-based three-party password authenticated key exchange protocol

Recently, Lee et al. (Nonlinear Dyn, 73(1–2):125–132, 2013) proposed a three party password authenticated key exchange with user anonymity by utilizing extended chaotic maps. They claimed that their protocol is more secure than previously proposed schemes. In this paper, our analysis shows that Lee et al.’s protocol suffers from two kinds of attacks: (1) man-in-the-middle attack, and (2) user anonymity attack. To overcome these weakness, we propose an enhanced protocol that can resist the attacks described and yet with comparable efficiency.     

Cryptanalysis and improvement of a chaotic map-based key agreement protocol using Chebyshev sequence membership testing

Recently, Gong et al. (Nonlinear Dyn, doi:10.1007/s11071-012-0628-3, 2012) proposed a chaotic map-based key agreement protocol without using smart cards. They claimed that the protocol is secure against password-guessing attacks. However, we show that Gong et al.’s protocol is vulnerable to partition attacks, whereby the adversary can guess the correct password off-line. We also demonstrate that the protocol suffers from a a stolen-verifier attack along with password change pitfalls. Thereafter, we proposed an chaotic map-based key agreement protocol without using smart cards to conquer the mentioned weaknesses. The security analysis of the proposed protocol shows that it is suitable for the applications with higher security requirement.     

Improvement in new three-party-authenticated key agreement scheme based on chaotic maps without password table

Nonlinear Dynamics - A three-party-authenticated key agreement (3PAKA) scheme allows two participants to establish shared secure session key (3SK) via trusted server over a public network....     

An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps

Three-party password-based authenticated key exchange (3PAKE) protocols allow two clients to establish a secure session key through a server over an insecure channel. Recently, the 3PAKE protocols have been developed based on Chebyshev chaotic maps, in which the clients utilize smart cards to login into the server and employ server’s public key to ensure the identity of the server or symmetric cryptosystems to encrypt the messages. However, this paper describes an efficient chaos-based 3PAKE protocol without smart cards, which requires neither server’s public key nor symmetric cryptosystems. The security of the proposed 3PAKE protocol is proved in the random oracle model using the chaos-based decisional Diffie–Hellman assumption. In comparison with the existing chaos-based 3PAKE protocols, our protocol individually provides better performance in terms of communication, computation, and security aspects, and is supported by the formal proof in the random oracle model.     

A three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps

In this paper, we propose a scheme utilizing three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps, which is more efficient and secure than previously proposed schemes. In order to enhance the efficiency and security, we use the extended chaotic maps to encrypt and decrypt the information transmitted by the user or the server. In addition, the proposed protocol provides user anonymity to guarantee the identity of users, which is transmitted in the insecure public network.     

Cryptanalysis and improvement of a three-party key agreement protocol using enhanced Chebyshev polynomials

Three-party key agreement protocol is an important cryptographic mechanism for secure communication, which allows two parties authenticate each other with the help of a trusted server. Very recently, Lai et al.’s proposed a novel three-party key agreement protocol using the enhanced Chebyshev chaotic map and claimed their protocol could withstand various attacks. Unfortunately, in this paper, we will show their protocol is vulnerable to the privileged insider attack and the off-line password guessing attack. To solve the problems, we propose an improved three-party key agreement protocol using the enhanced Chebyshev chaotic map. Security analysis and performance analysis show our protocol not only could withstand various attacks, but also has similar performance. Therefore, it is very suitable for practical applications.     

Arduino-based chaotic secure communication system using multi-directional multi-scroll chaotic oscillators

The experimental realization of a chaotic secure communication system is introduced herein taking advantage of Arduino’s open source integrated development environment along with its preset functions that reduce development time and complexity. The system uses multi-directional multi-scroll chaotic oscillators that are based on piecewise-linear functions. Experimental results are given for chaos generators in 1-direction (1-D), 2-D and 3-D of up to 20, \(20\times 20\) and \(20\times 20\times 20\) scrolls, respectively. Using two chaos generators, a chaotic secure communication system is implemented in a master–slave topology by applying generalized Hamiltonian forms and observer approach. Finally, we detail experimental results for the synchronization of \(6\times 6\) and \(20\times 20\) scroll attractors, which are used for transmitting a monochromatic image through the Arduino-based chaotic secure communication system.