首页 | 本学科首页   官方微博 | 高级检索  
相似文献
 共查询到20条相似文献,搜索用时 0 毫秒
1.
2.
Recently, Lee et al. (Nonlinear Dyn, 73(1–2):125–132, 2013) proposed a three party password authenticated key exchange with user anonymity by utilizing extended chaotic maps. They claimed that their protocol is more secure than previously proposed schemes. In this paper, our analysis shows that Lee et al.’s protocol suffers from two kinds of attacks: (1) man-in-the-middle attack, and (2) user anonymity attack. To overcome these weakness, we propose an enhanced protocol that can resist the attacks described and yet with comparable efficiency.  相似文献   

3.
A key agreement protocol is used to derive a shared secure session key by two or more parties, but no party can predetermine the resulting value. Users can securely exchange information over an open network by using the shared session key to encrypt/decrypt secure information. Recently, several key agreement protocols based on chaotic maps are proposed. Xiao et al. proposed a novel key agreement protocol based on chaotic maps and claimed their protocol can resist the known attack which is proposed by Bergamo et al. However, Han et al. and Xiang et al. pointed out that the Xiao et al. protocol is still insecure. To overcome these attacks, we shall propose an extended chaotic maps-based key agreement protocol. The proposed protocol not only can resist these attacks, but also provide mutual authentication and user anonymity.  相似文献   

4.
Zuowen Tan 《Nonlinear dynamics》2013,72(1-2):311-320
In wireless communication environments, the authenticated key agreement with user anonymity is important. Recently, many chaotic maps-based anonymous authenticated key agreement protocols have been proposed. Tseng et al. applied Chebyshev chaotic maps to propose an anonymous key agreement protocol. Unfortunately, Niu et al. demonstrated that Tseng et al.’s protocol cannot protect the user anonymity and it suffers from insider attacks. Xue et al. improved Tseng et al.’s protocol. However, we have found that their improved protocol still cannot provide strong anonymity and it is vulnerable to the man-in-the-middle attack. To remove these weaknesses, we have proposed a novel chaotic maps-based authenticated key agreement protocol. The proposed protocol cannot only resist these attacks, but also provide strong anonymity.  相似文献   

5.
Very recently, Lee et?al. (C.?Lee, C.?Chen, C.?Wu, S.?Huang, An extended chaotic maps-based key agreement protocol with user anonymity, Nonlinear Dynamics, doi:10.1007/s11071-011-0247-4) proposed a chaotic maps-based key agreement protocol with user anonymity and claimed their protocol could resist various attacks. In this paper, we will point out that Lee et?al.??s protocol suffers from three weaknesses: (1)?inability of resisting the privileged insider attack; (2)?inability of resisting the denial-of-service attack; and (3)?inability of providing anonymity. To overcome the weaknesses, we also proposed an improved protocol. The analysis shows our protocol is more suitable for practical applications.  相似文献   

6.
To guarantee secure communication, many maps-based key agreement protocols have been proposed. Due to inherent tamper-resistance, most of them are based on smart cards. Unfortunately, the cost of cards and readers makes these protocols costly. In the real world, common storage devices, such as universal serial bus (USB) thumb drives, portable HDDs, mobile phones, and laptop or desktop PCs, are widely used, and they are much cheaper or more convenient for storing user authentication information. These devices do not provide tamper-resistance; it is a challenge to design a secure authentication protocol using these kinds of memory devices. In this paper, we will propose a maps-based key agreement protocol without using smart cards. According to our analysis, the proposed protocol guarantees mutual authentication, and also resists different attacks. Therefore, our protocol is suitable even for practical applications.  相似文献   

7.
8.
9.
Three-party key agreement protocol is an important cryptographic mechanism for secure communication, which allows two parties authenticate each other with the help of a trusted server. Very recently, Lai et al.’s proposed a novel three-party key agreement protocol using the enhanced Chebyshev chaotic map and claimed their protocol could withstand various attacks. Unfortunately, in this paper, we will show their protocol is vulnerable to the privileged insider attack and the off-line password guessing attack. To solve the problems, we propose an improved three-party key agreement protocol using the enhanced Chebyshev chaotic map. Security analysis and performance analysis show our protocol not only could withstand various attacks, but also has similar performance. Therefore, it is very suitable for practical applications.  相似文献   

10.
Recently, several key agreement protocols based on Chebyshev chaotic maps have been proposed in the literature. However, they can normally achieve “heuristic” security, that is, once drawbacks are found in these protocols, they are either modified to resist the new attacks, or are discarded. Under these circumstances, it is necessary and significant to define standard security models that can precisely characterize the capabilities of the participants and a potent adversary. Hence, we propose to use public key encryption based on enhanced Chebyshev chaotic maps and pseudo-random function ensembles to construct an efficient three-party key agreement protocol under the standard model, in which the adversary is able to make a wider range of queries and have more freedom than the other proposed schemes. In the design of our protocol, we follow the ideas in the recent key agreement protocol of Yang and Cao’s. The proposed protocol is shown to be provably secure if decisional Diffie–Hellman problem, which is based on Chebyshev chaotic maps, is computationally infeasible. To the best of our knowledge, our protocol is the first provably secure 3PAKE protocol using Chebyshev chaotic maps under the standard model.  相似文献   

11.
12.
13.
Jabbari  A.  Mohasefi  J. B. 《Nonlinear dynamics》2019,95(4):3177-3191
Nonlinear Dynamics - A three-party-authenticated key agreement (3PAKA) scheme allows two participants to establish shared secure session key (3SK) via trusted server over a public network....  相似文献   

14.
Recently, biometric-based remote user authentication schemes along with passwords have drawn considerable attention in research. In 2011, Das proposed an improvement on an efficient biometric-based remote user authentication scheme using smart cards and claimed his scheme could resist various attacks. However, there are some weaknesses in Das’s scheme such as the privileged insider attack and the off-line password guessing attack. Besides, Das’s scheme also cannot provide user anonymity. To overcome these weaknesses, we shall propose a secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps. The proposed scheme not only can resist the above-mentioned attacks, but also provide user anonymity.  相似文献   

15.
In this paper, we propose a scheme utilizing three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps, which is more efficient and secure than previously proposed schemes. In order to enhance the efficiency and security, we use the extended chaotic maps to encrypt and decrypt the information transmitted by the user or the server. In addition, the proposed protocol provides user anonymity to guarantee the identity of users, which is transmitted in the insecure public network.  相似文献   

16.
Very recently, Chen et al. proposed a security-enhanced key agreement protocol based on Chebyshev chaotic map. They claimed that the proposed protocol can achieve session key agreement shared among the server and user with security and users anonymity. Although, in this paper, we will prove that Chen et al.’s protocol cannot guarantee security and user anonymity against internal adversary who is a legal user. Furthermore, we give some improvements to dominate the mentioned shortcomings. The analysis shows that our proposed improvements are secure and efficient.  相似文献   

17.
Three-party password-based authenticated key exchange (3PAKE) protocols allow two clients to establish a secure session key through a server over an insecure channel. Recently, the 3PAKE protocols have been developed based on Chebyshev chaotic maps, in which the clients utilize smart cards to login into the server and employ server’s public key to ensure the identity of the server or symmetric cryptosystems to encrypt the messages. However, this paper describes an efficient chaos-based 3PAKE protocol without smart cards, which requires neither server’s public key nor symmetric cryptosystems. The security of the proposed 3PAKE protocol is proved in the random oracle model using the chaos-based decisional Diffie–Hellman assumption. In comparison with the existing chaos-based 3PAKE protocols, our protocol individually provides better performance in terms of communication, computation, and security aspects, and is supported by the formal proof in the random oracle model.  相似文献   

18.
Due to the rapid development and growth of computer networks, there have been greater and greater demands for remote password authentication protocols. Recently, the focus has been on protocols for multiserver environments that run on smart cards. These protocols typically count on the nonce or timestamp to provide protection against the replay attack. However, as Tsaur et al. pointed out, these protocols have some security issues such as disturbance in clock synchronization and vulnerability to the man-in-the-middle attack. In order to solve the above problems, Tsaur et al. proposed a multiserver authentication scheme with key agreement in 2012, and they claimed that their scheme could effectively achieve password-authenticated key agreement while getting around the technical difficulty of implementing clock synchronization in multiserver environments. Unfortunately, we found out that Tsaur et al.’s protocol still has the following weaknesses: (1) inability to resist privileged insider attack, (2) inability to resist known-plaintext attack, (3) inability to provide user anonymity, and (4) lack of perfect forward secrecy. To fix these secure flaws of Tsaur et al.’s protocol, in this paper, we shall propose an improved multiserver authentication protocol with key agreement based on extended chaotic maps. We shall also offer formal proof of smooth execution of the improved authenticated key agreement protocol.  相似文献   

19.
20.
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号