Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol

Very recently, Lee et?al. (C.?Lee, C.?Chen, C.?Wu, S.?Huang, An extended chaotic maps-based key agreement protocol with user anonymity, Nonlinear Dynamics, doi:10.1007/s11071-011-0247-4) proposed a chaotic maps-based key agreement protocol with user anonymity and claimed their protocol could resist various attacks. In this paper, we will point out that Lee et?al.??s protocol suffers from three weaknesses: (1)?inability of resisting the privileged insider attack; (2)?inability of resisting the denial-of-service attack; and (3)?inability of providing anonymity. To overcome the weaknesses, we also proposed an improved protocol. The analysis shows our protocol is more suitable for practical applications.     

A chaotic maps-based authenticated key agreement protocol with strong anonymity

In wireless communication environments, the authenticated key agreement with user anonymity is important. Recently, many chaotic maps-based anonymous authenticated key agreement protocols have been proposed. Tseng et al. applied Chebyshev chaotic maps to propose an anonymous key agreement protocol. Unfortunately, Niu et al. demonstrated that Tseng et al.’s protocol cannot protect the user anonymity and it suffers from insider attacks. Xue et al. improved Tseng et al.’s protocol. However, we have found that their improved protocol still cannot provide strong anonymity and it is vulnerable to the man-in-the-middle attack. To remove these weaknesses, we have proposed a novel chaotic maps-based authenticated key agreement protocol. The proposed protocol cannot only resist these attacks, but also provide strong anonymity.     

An extended chaotic maps-based key agreement protocol with user anonymity

A key agreement protocol is used to derive a shared secure session key by two or more parties, but no party can predetermine the resulting value. Users can securely exchange information over an open network by using the shared session key to encrypt/decrypt secure information. Recently, several key agreement protocols based on chaotic maps are proposed. Xiao et al. proposed a novel key agreement protocol based on chaotic maps and claimed their protocol can resist the known attack which is proposed by Bergamo et al. However, Han et al. and Xiang et al. pointed out that the Xiao et al. protocol is still insecure. To overcome these attacks, we shall propose an extended chaotic maps-based key agreement protocol. The proposed protocol not only can resist these attacks, but also provide mutual authentication and user anonymity.     

Cryptanalysis and enhancement of a chaotic maps-based three-party password authenticated key exchange protocol

Recently, Lee et al. (Nonlinear Dyn, 73(1–2):125–132, 2013) proposed a three party password authenticated key exchange with user anonymity by utilizing extended chaotic maps. They claimed that their protocol is more secure than previously proposed schemes. In this paper, our analysis shows that Lee et al.’s protocol suffers from two kinds of attacks: (1) man-in-the-middle attack, and (2) user anonymity attack. To overcome these weakness, we propose an enhanced protocol that can resist the attacks described and yet with comparable efficiency.     

An extended chaotic-maps-based protocol with key agreement for multiserver environments

Due to the rapid development and growth of computer networks, there have been greater and greater demands for remote password authentication protocols. Recently, the focus has been on protocols for multiserver environments that run on smart cards. These protocols typically count on the nonce or timestamp to provide protection against the replay attack. However, as Tsaur et al. pointed out, these protocols have some security issues such as disturbance in clock synchronization and vulnerability to the man-in-the-middle attack. In order to solve the above problems, Tsaur et al. proposed a multiserver authentication scheme with key agreement in 2012, and they claimed that their scheme could effectively achieve password-authenticated key agreement while getting around the technical difficulty of implementing clock synchronization in multiserver environments. Unfortunately, we found out that Tsaur et al.’s protocol still has the following weaknesses: (1) inability to resist privileged insider attack, (2) inability to resist known-plaintext attack, (3) inability to provide user anonymity, and (4) lack of perfect forward secrecy. To fix these secure flaws of Tsaur et al.’s protocol, in this paper, we shall propose an improved multiserver authentication protocol with key agreement based on extended chaotic maps. We shall also offer formal proof of smooth execution of the improved authenticated key agreement protocol.     

A three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps

In this paper, we propose a scheme utilizing three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps, which is more efficient and secure than previously proposed schemes. In order to enhance the efficiency and security, we use the extended chaotic maps to encrypt and decrypt the information transmitted by the user or the server. In addition, the proposed protocol provides user anonymity to guarantee the identity of users, which is transmitted in the insecure public network.     

Cryptanalysis and improvement of a chaotic map-based key agreement protocol using Chebyshev sequence membership testing

Recently, Gong et al. (Nonlinear Dyn, doi:10.1007/s11071-012-0628-3, 2012) proposed a chaotic map-based key agreement protocol without using smart cards. They claimed that the protocol is secure against password-guessing attacks. However, we show that Gong et al.’s protocol is vulnerable to partition attacks, whereby the adversary can guess the correct password off-line. We also demonstrate that the protocol suffers from a a stolen-verifier attack along with password change pitfalls. Thereafter, we proposed an chaotic map-based key agreement protocol without using smart cards to conquer the mentioned weaknesses. The security analysis of the proposed protocol shows that it is suitable for the applications with higher security requirement.     

A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps

Recently, biometric-based remote user authentication schemes along with passwords have drawn considerable attention in research. In 2011, Das proposed an improvement on an efficient biometric-based remote user authentication scheme using smart cards and claimed his scheme could resist various attacks. However, there are some weaknesses in Das’s scheme such as the privileged insider attack and the off-line password guessing attack. Besides, Das’s scheme also cannot provide user anonymity. To overcome these weaknesses, we shall propose a secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps. The proposed scheme not only can resist the above-mentioned attacks, but also provide user anonymity.     

Cryptanalysis and improvement of a three-party key agreement protocol using enhanced Chebyshev polynomials

Three-party key agreement protocol is an important cryptographic mechanism for secure communication, which allows two parties authenticate each other with the help of a trusted server. Very recently, Lai et al.’s proposed a novel three-party key agreement protocol using the enhanced Chebyshev chaotic map and claimed their protocol could withstand various attacks. Unfortunately, in this paper, we will show their protocol is vulnerable to the privileged insider attack and the off-line password guessing attack. To solve the problems, we propose an improved three-party key agreement protocol using the enhanced Chebyshev chaotic map. Security analysis and performance analysis show our protocol not only could withstand various attacks, but also has similar performance. Therefore, it is very suitable for practical applications.     

Provably secure three-party key agreement protocol using Chebyshev chaotic maps in the standard model

Recently, several key agreement protocols based on Chebyshev chaotic maps have been proposed in the literature. However, they can normally achieve “heuristic” security, that is, once drawbacks are found in these protocols, they are either modified to resist the new attacks, or are discarded. Under these circumstances, it is necessary and significant to define standard security models that can precisely characterize the capabilities of the participants and a potent adversary. Hence, we propose to use public key encryption based on enhanced Chebyshev chaotic maps and pseudo-random function ensembles to construct an efficient three-party key agreement protocol under the standard model, in which the adversary is able to make a wider range of queries and have more freedom than the other proposed schemes. In the design of our protocol, we follow the ideas in the recent key agreement protocol of Yang and Cao’s. The proposed protocol is shown to be provably secure if decisional Diffie–Hellman problem, which is based on Chebyshev chaotic maps, is computationally infeasible. To the best of our knowledge, our protocol is the first provably secure 3PAKE protocol using Chebyshev chaotic maps under the standard model.     

An extended chaotic maps based user authentication and privacy preserving scheme against DoS attacks in pervasive and ubiquitous computing environments

As the era of pervasive and ubiquitous computing comes close, hand-held and smart devices are expected to achieve the dream of all time everywhere computing. Remote user authentication is important to verify the legitimacy of a login user over an insecure communication channel. Furthermore, in order to protect user privacy such that others cannot trace login users by eavesdropping the communication messages, several researchers proposed some dynamic ID-based remote user authentication schemes for providing user anonymity. On the other hand, the denial-of-service (DoS) attacks may make legal users unable to access a remote server by intercepting the authentication message which a login user sends to the remote server. It will make the latest user identities kept by login user and the remote server differ from each other. To ensure user anonymity and prevent such DoS attacks, we propose an extended chaotic map and dynamic ID-based user authentication scheme against DoS attacks. The proposed scheme is suitable for use in pervasive computing environments such as online financial authentication since it can ensure security while maintaining efficiency.     

A secure chaotic maps-based key agreement protocol without using smart cards

To guarantee secure communication, many maps-based key agreement protocols have been proposed. Due to inherent tamper-resistance, most of them are based on smart cards. Unfortunately, the cost of cards and readers makes these protocols costly. In the real world, common storage devices, such as universal serial bus (USB) thumb drives, portable HDDs, mobile phones, and laptop or desktop PCs, are widely used, and they are much cheaper or more convenient for storing user authentication information. These devices do not provide tamper-resistance; it is a challenge to design a secure authentication protocol using these kinds of memory devices. In this paper, we will propose a maps-based key agreement protocol without using smart cards. According to our analysis, the proposed protocol guarantees mutual authentication, and also resists different attacks. Therefore, our protocol is suitable even for practical applications.     

Analysis and improvement of a novel image fusion encryption algorithm based on DNA sequence operation and hyper-chaotic system

Recently, a novel image encryption algorithm based on DNA operation and hyper-chaotic system has been proposed by Zhang et al. The encryption algorithm first shuffles the image pixels using Chen chaotic system. After shuffling process, the proposed encryption algorithm changes the gray levels of the image pixels using DNA operation. In this study, we give out complete break for the proposed cryptosystem using a chosen plaintext attack. Both mathematical proofs and experimental results are presented to support the proposed attacks. Main motivation behind this study was to analyze whether proposed image encryption algorithm is suitable for secure communication or not. Based on the results of our analysis, we also discussed the potential improvements for the algorithm and proposed a modified new encryption algorithm accordingly. Essential elements of designing secure image encryption algorithms and potential application areas are also stated.     

Chaotic maps-based three-party password-authenticated key agreement scheme

Since chaos theory related to cryptography has been addressed widely, many chaotic maps based two-party password-authenticated key agreement (2PAKA) schemes have been proposed. However, to the best of our knowledge, no chaotic maps based three-party password-authenticated key agreement (3PAKA) protocol without using a timestamp has been proposed, yet. In this paper, we propose the first chaotic maps-based 3PAKA protocol without a timestamp. The proposed protocol is not based on the traditional public key cryptosystem but is based on chaotic maps, which not only achieves perfect forward secrecy without using a timestamp, modular exponentiation and scalar multiplication on an elliptic curve, but is also robust to resist various attacks such as password guessing attacks, impersonation attacks, man-in-the-middle attacks, etc.     

Meaningful image sharing scheme using toral automorphism

In recent years, image sharing scheme has attracted much attention for researchers due to the characteristics of security and easy implementation. In 2011, Wang and Lee proposed a random grid-based sharing scheme with identifiable shares to protect the security of the secret images. Their method has several disadvantages that must be improved. First, the constructed shares are meaningless ones which are difficult to manage. Second, the original secret image cannot be completely recovered which can cause the misjudgment of information. Wang et al. proposed a sharing method with verification ability in 2011. However, the constructed shares are also meaningless ones. This paper proposes a meaningful image sharing scheme to improve the above-mentioned disadvantages. Furthermore, we utilize toral automorphism to enhance the security of the secret image. Experimental results can show the feasibility of the proposed method.     

无氧铜层裂的实验与数值研究

利用一级气体炮对国产的无氧铜（OFHC）进行了平板撞击致层裂实验,3 mm厚的OFHC飞片撞击6 mm厚的OFHC靶,采用锰铜应力计记录试样/有机玻璃（PMMA）界面附近的应力历史,获得试样发生层裂的信息。软回收试样,观测回收试样的层裂片。采用基于空穴聚集的层裂模型,数值模拟这些平板撞击致层裂实验。数值模拟的应力剖面以及试样层裂片厚度与实验结果基本一致。此外,对于国外相关的OFHC层裂实验,采用基于空穴聚集的层裂模型也作了相应的数值模拟,并进行了比较。     

Numerical implementation of pseudo-arclength algorithm in nonlinear finite element analysis

A numerical procedure to calculate the pre-buckling and postbuckling response of general structures is presented. This procedure is based on the pseudo-arclength algorithm suggested by E. Riks et al., which has some numerical difficulties during implementation of large applied analysis programs. To overcome these difficulties, a scheme based on rank-1 modification of the matrix is proposed. Some example show this procedure behaves well in passing through the limit point and is rather efficient. recommended by Prof. Chen Yaosong and Prof. Wu Jike     

小肠内药物分布与吸收模型的解析解

Y.Miyamoto等人根据小肠的生理和解剖特点,忽略小肠的固有运动对药物分布与吸收的影响,提出了肠内药物分布与吸收的二维层流、可渗壁多孔圆管模型。他们应用数值方法进行了计算。本文给出了包括灭活作用在内的上述模型的稳态解析解。所得结果与他们的数值解是一致的。解析解揭示了模型中各生理参数之间的相互关系,刻划了药物和营养物通过肠壁吸收规律,为在体实验测定肠壁对药物和营养物的渗透和反射系数提供了理论分析基础。同时从理论上证明了一些极为重要的结论。     

A Gurson-type criterion for porous ductile solids containing arbitrary ellipsoidal voids—II: Determination of yield criterion parameters

The aim of this paper is to fully determine the parameters of the approximate homogenized yield criterion for porous ductile solids containing arbitrary ellipsoidal cavities proposed in Part I. This is done through improvements of the limit-analysis of some representative hollow cell presented there. The improvements are of two kinds. For hydrostatic loadings, the limit-analysis is refined by performing micromechanical finite element computations in a number of significant cases, so as to replace Leblond and Gologanu (2008)'s trial velocity field representing the expansion of the void by the exact, numerically determined one. For deviatoric loadings, limit-analysis is dropped and direct use is made of some general rigorous results for nonlinear composites derived by Ponte-Castaneda (1991), Willis (1991) and Michel and Suquet (1992) using the earlier work of Willis (1977) and the concept of “linear comparison material”. This hybrid approach is thought to lead to the best possible expressions of the yield criterion parameters. The criterion proposed reduces to (variants of) classical approximate criteria proposed by Gurson (1977) and Gologanu et al., 1993, Gologanu et al., 1994, Gologanu et al., 1997 in the specific cases of spherical or spheroidal, prolate or oblate cavities. An overview of the validation of this criterion through micromechanical finite element computations is finally presented.