A revised key agreement protocol based on chaotic maps

Very recently, Chen et al. proposed a security-enhanced key agreement protocol based on Chebyshev chaotic map. They claimed that the proposed protocol can achieve session key agreement shared among the server and user with security and users anonymity. Although, in this paper, we will prove that Chen et al.’s protocol cannot guarantee security and user anonymity against internal adversary who is a legal user. Furthermore, we give some improvements to dominate the mentioned shortcomings. The analysis shows that our proposed improvements are secure and efficient.     

An extended chaotic maps-based key agreement protocol with user anonymity

A key agreement protocol is used to derive a shared secure session key by two or more parties, but no party can predetermine the resulting value. Users can securely exchange information over an open network by using the shared session key to encrypt/decrypt secure information. Recently, several key agreement protocols based on chaotic maps are proposed. Xiao et al. proposed a novel key agreement protocol based on chaotic maps and claimed their protocol can resist the known attack which is proposed by Bergamo et al. However, Han et al. and Xiang et al. pointed out that the Xiao et al. protocol is still insecure. To overcome these attacks, we shall propose an extended chaotic maps-based key agreement protocol. The proposed protocol not only can resist these attacks, but also provide mutual authentication and user anonymity.     

An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps

Three-party password-based authenticated key exchange (3PAKE) protocols allow two clients to establish a secure session key through a server over an insecure channel. Recently, the 3PAKE protocols have been developed based on Chebyshev chaotic maps, in which the clients utilize smart cards to login into the server and employ server’s public key to ensure the identity of the server or symmetric cryptosystems to encrypt the messages. However, this paper describes an efficient chaos-based 3PAKE protocol without smart cards, which requires neither server’s public key nor symmetric cryptosystems. The security of the proposed 3PAKE protocol is proved in the random oracle model using the chaos-based decisional Diffie–Hellman assumption. In comparison with the existing chaos-based 3PAKE protocols, our protocol individually provides better performance in terms of communication, computation, and security aspects, and is supported by the formal proof in the random oracle model.     

A chaotic maps-based authenticated key agreement protocol with strong anonymity

In wireless communication environments, the authenticated key agreement with user anonymity is important. Recently, many chaotic maps-based anonymous authenticated key agreement protocols have been proposed. Tseng et al. applied Chebyshev chaotic maps to propose an anonymous key agreement protocol. Unfortunately, Niu et al. demonstrated that Tseng et al.’s protocol cannot protect the user anonymity and it suffers from insider attacks. Xue et al. improved Tseng et al.’s protocol. However, we have found that their improved protocol still cannot provide strong anonymity and it is vulnerable to the man-in-the-middle attack. To remove these weaknesses, we have proposed a novel chaotic maps-based authenticated key agreement protocol. The proposed protocol cannot only resist these attacks, but also provide strong anonymity.     

Cryptanalysis and improvement of a three-party key agreement protocol using enhanced Chebyshev polynomials

Three-party key agreement protocol is an important cryptographic mechanism for secure communication, which allows two parties authenticate each other with the help of a trusted server. Very recently, Lai et al.’s proposed a novel three-party key agreement protocol using the enhanced Chebyshev chaotic map and claimed their protocol could withstand various attacks. Unfortunately, in this paper, we will show their protocol is vulnerable to the privileged insider attack and the off-line password guessing attack. To solve the problems, we propose an improved three-party key agreement protocol using the enhanced Chebyshev chaotic map. Security analysis and performance analysis show our protocol not only could withstand various attacks, but also has similar performance. Therefore, it is very suitable for practical applications.     

Cryptanalysis and improvement of a chaotic map-based key agreement protocol using Chebyshev sequence membership testing

Recently, Gong et al. (Nonlinear Dyn, doi:10.1007/s11071-012-0628-3, 2012) proposed a chaotic map-based key agreement protocol without using smart cards. They claimed that the protocol is secure against password-guessing attacks. However, we show that Gong et al.’s protocol is vulnerable to partition attacks, whereby the adversary can guess the correct password off-line. We also demonstrate that the protocol suffers from a a stolen-verifier attack along with password change pitfalls. Thereafter, we proposed an chaotic map-based key agreement protocol without using smart cards to conquer the mentioned weaknesses. The security analysis of the proposed protocol shows that it is suitable for the applications with higher security requirement.     

An extended chaotic-maps-based protocol with key agreement for multiserver environments

Due to the rapid development and growth of computer networks, there have been greater and greater demands for remote password authentication protocols. Recently, the focus has been on protocols for multiserver environments that run on smart cards. These protocols typically count on the nonce or timestamp to provide protection against the replay attack. However, as Tsaur et al. pointed out, these protocols have some security issues such as disturbance in clock synchronization and vulnerability to the man-in-the-middle attack. In order to solve the above problems, Tsaur et al. proposed a multiserver authentication scheme with key agreement in 2012, and they claimed that their scheme could effectively achieve password-authenticated key agreement while getting around the technical difficulty of implementing clock synchronization in multiserver environments. Unfortunately, we found out that Tsaur et al.’s protocol still has the following weaknesses: (1) inability to resist privileged insider attack, (2) inability to resist known-plaintext attack, (3) inability to provide user anonymity, and (4) lack of perfect forward secrecy. To fix these secure flaws of Tsaur et al.’s protocol, in this paper, we shall propose an improved multiserver authentication protocol with key agreement based on extended chaotic maps. We shall also offer formal proof of smooth execution of the improved authenticated key agreement protocol.     

Chaotic maps-based three-party password-authenticated key agreement scheme

Since chaos theory related to cryptography has been addressed widely, many chaotic maps based two-party password-authenticated key agreement (2PAKA) schemes have been proposed. However, to the best of our knowledge, no chaotic maps based three-party password-authenticated key agreement (3PAKA) protocol without using a timestamp has been proposed, yet. In this paper, we propose the first chaotic maps-based 3PAKA protocol without a timestamp. The proposed protocol is not based on the traditional public key cryptosystem but is based on chaotic maps, which not only achieves perfect forward secrecy without using a timestamp, modular exponentiation and scalar multiplication on an elliptic curve, but is also robust to resist various attacks such as password guessing attacks, impersonation attacks, man-in-the-middle attacks, etc.     

A secure chaotic maps-based key agreement protocol without using smart cards

To guarantee secure communication, many maps-based key agreement protocols have been proposed. Due to inherent tamper-resistance, most of them are based on smart cards. Unfortunately, the cost of cards and readers makes these protocols costly. In the real world, common storage devices, such as universal serial bus (USB) thumb drives, portable HDDs, mobile phones, and laptop or desktop PCs, are widely used, and they are much cheaper or more convenient for storing user authentication information. These devices do not provide tamper-resistance; it is a challenge to design a secure authentication protocol using these kinds of memory devices. In this paper, we will propose a maps-based key agreement protocol without using smart cards. According to our analysis, the proposed protocol guarantees mutual authentication, and also resists different attacks. Therefore, our protocol is suitable even for practical applications.     

A three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps

In this paper, we propose a scheme utilizing three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps, which is more efficient and secure than previously proposed schemes. In order to enhance the efficiency and security, we use the extended chaotic maps to encrypt and decrypt the information transmitted by the user or the server. In addition, the proposed protocol provides user anonymity to guarantee the identity of users, which is transmitted in the insecure public network.     

Provably secure dynamic identity-based three-factor password authentication scheme using extended chaotic maps

With the aim of guaranteeing secure communication through public networks, three-factor password authentication (TF-PWA) scheme plays a key role in many internet applications. Since in TF-PWA scheme, the communicating entities can mutually authenticate each other and generate a shared session key, which will be used for secure exchange of messages in succeeding communication among them. As a result, the TF-PWA schemes gain enormous consideration in recent years. More recently, due to light-weight features of the extended chaotic map, it is also extensively applied in designing of public key encryption, key agreement, image encryption, S-box, hash function, digital signature, password authentication, etc. The aim of this paper was to design a dynamic identity-based three-factor password authentication scheme using extended chaotic map (ECM-TF-PWA) in the random oracle model. The proposed scheme is provably secure based on the intractability assumption of chaotic map-based Diffie–Hellman problem. The informal security analysis gives the evidence that our scheme protects all attacks and provides functionality attributes that are needed in a three-factor authentication system. Besides, the performance discussion shows that our scheme performs better than others in respect of computation and communication cost.     

A technique for digital steganography using chaotic maps

Chaos has been applied extensively in secure communication over the last decade, but most of the chaotic security protocols defined, are cryptographically weak or slow to compute. Also, study of chaotic phenomena as application in security area is not discussed in detail. In this paper, we have intensely studied chaos, their influence in secure communications and proposed a steganography technique in spatial domain for digital images based upon chaotic maps. By applying chaos effectively in secure communication, the strength of the overall anticipated algorithm has been increased to a significant level. In addition, few security statistical analyses such as correlation, entropy, energy, contrast, homogeneity, peak signal to noise ratio, and mean square error have also been carried out and shown that it can survive against various differential attacks such as the known message attack, known cover attack, known stego attack, and stego only attack.     

An image encryption scheme based on chaotic tent map

Image encryption has been an attractive research field in recent years. The chaos-based cryptographic algorithms have suggested some new and efficient ways to develop secure image encryption techniques. This paper proposes a novel image encryption scheme, which is based on the chaotic tent map. Image encryption systems based on such map show some better performances. Firstly, the chaotic tent map is modified to generate chaotic key stream that is more suitable for image encryption. Secondly, the chaos-based key stream is generated by a 1-D chaotic tent map, which has a better performance in terms of randomness properties and security level. The performance and security analysis of the proposed image encryption scheme is performed using well-known ways. The results of the fail-safe analysis are inspiring, and it can be concluded that the proposed scheme is efficient and secure.     

Cryptanalysis and enhancement of a chaotic maps-based three-party password authenticated key exchange protocol

Recently, Lee et al. (Nonlinear Dyn, 73(1–2):125–132, 2013) proposed a three party password authenticated key exchange with user anonymity by utilizing extended chaotic maps. They claimed that their protocol is more secure than previously proposed schemes. In this paper, our analysis shows that Lee et al.’s protocol suffers from two kinds of attacks: (1) man-in-the-middle attack, and (2) user anonymity attack. To overcome these weakness, we propose an enhanced protocol that can resist the attacks described and yet with comparable efficiency.     

An intertwining chaotic maps based image encryption scheme

In this paper, a new image encryption scheme is proposed that uses intertwining chaotic maps to enhance security and key length. In the substitution process, six randomly chosen odd integers are used to permute and then XORed with the first chaotic key to shuffle and alter the image pixels. Byte substitution has also been applied and the resultant values are XORed with the second chaotic key to improve the security against the known/chosen-plain text attack and to increase nonlinearity. In the diffusion process, the pixel values are altered sequentially with various operations which include nonlinear diffusion using the first chaotic key, subdiagonal diffusion of adjacent pixels and XORing with the third chaotic key. The security and performance of the proposed image encryption technique have been analyzed using statistical analysis, sensitivity analysis, key space analysis, differential analysis, and entropy analysis. The simulation shows that a single bit of key or pixel difference of the plain-image will change almost all the pixels in the cipher-image ( $\mathrm{NPCR}>99.63$ ?%), and the unified average changing intensity is high ( $\mathrm{UACI}>33.43$ ?%). Since the entropy is found to be close to the theoretical value, we observed that the information leakage is negligible, and hence the scheme is highly secure. The experimental results show that the performance of the proposed scheme is secure and fast.     

Designing a multi-scroll chaotic system by operating Logistic map with fractal process

Recently, chaotic systems have been widely investigated in several engineering applications. This paper presents a new chaotic system based on Julia’s fractal process, chaotic attractors and Logistic map in a complex set. Complex dynamic characteristics were analyzed, such as equilibrium points, bifurcation, Lyapunov exponents and chaotic behavior of the proposed chaotic system. As we know, one positive Lyapunov exponent proved the chaotic state. Numerical simulation shows a plethora of complex dynamic behaviors, which coexist with an antagonist form mixed of bifurcation and attractor. Then, we introduce an algorithm for image encryption based on chaotic system. The algorithm consists of two main stages: confusion and diffusion. Experimental results have proved that the proposed maps used are more complicated and they have a key space sufficiently large. The proposed image encryption algorithm is compared to other recent image encryption schemes by using different security analysis factors including differential attacks analysis, statistical tests, key space analysis, information entropy test and running time. The results demonstrated that the proposed image encryption scheme has better results in the level of security and speed.     

A novel secure image transmission scheme based on synchronization of fractional-order discrete-time hyperchaotic systems

In this paper, a secure image transmission scheme based on synchronization of fractional-order discrete-time hyperchaotic systems is proposed. In this scheme, a fractional-order modified-Hénon map is considered as a transmitter, the system parameters and fractional orders are considered as secret keys. As a receiver, a step-by-step delayed observer is used, and based on this one, an exact synchronization is established. To make the transmission scheme secure, an encryption function is used to cipher the original information using a key stream obtained from the chaotic map sequences. Moreover, to further enhance the scheme security, the ciphered information is inserted by inclusion method in the chaotic map dynamics. The first contribution of this paper is to propose new results on the observability and the observability matching condition of nonlinear discrete-time fractional-order systems. To the best of our knowledge, these features have not been addressed in the literature. In the second contribution, the design of delayed discrete observer, based on fractional-order discrete-time hyperchaotic system, is proposed. The feasibility of this realization is demonstrated. Finally, different analysis are introduced to test the proposed scheme security. Simulation results are presented to highlight the performances of our method. These results show that, our scheme can resist different kinds of attacks and it exhibits good performance.     

Construction of a novel nth-order polynomial chaotic map and its application in the pseudorandom number generator

Chaotic maps with good chaotic performance have been extensively designed in cryptography recently. This paper gives an nth-order polynomial chaotic map by using topological conjugation with piecewise linear chaos map. The range of chaotic parameters of this nth-order polynomial chaotic map is large and continuous. And the larger n is, the greater the Lyapunov exponent is and the more complex the dynamic characteristic of the nth-order polynomial chaotic map. The above characteristics of the nth-order polynomial chaotic map avoid the disadvantages of one-dimensional chaotic systems in secure application to some extent. Furthermore, the nth-order polynomial chaotic map is proved to be an extension of the Chebyshev polynomial map, which enriches chaotic map. The numerical simulation of dynamic behaviors for an 8th-order polynomial map satisfying the chaotic condition is carried out, and the numerical simulation results show the correctness of the related conclusion. This paper proposed the pseudorandom number generator according to the 8th-order polynomial chaotic map constructed in this paper. Using the performance analysis of the proposed pseudorandom number generator, the analysis result shows that the pseudorandom number generator according to the 8th-order polynomial chaotic map can efficiently generate pseudorandom sequences with higher performance through the randomness analysis with NIST SP800-22 and TestU01, security analysis and efficiency analysis. Compared with the other pseudorandom number generators based on chaotic systems in recent references, this paper performs a comprehensive performance analysis of the pseudorandom number generator according to the 8th-order polynomial chaotic map, which indicates the potential of its application in cryptography.

     

A novel approach for designing substitution-boxes based on nonlinear chaotic algorithm

A substitution box (S-box) plays a central role in cryptographic algorithms. In this paper, an efficient method for designing S-boxes based on chaotic maps is proposed. The proposed method is based on the NCA (nonlinear chaotic algorithm) chaotic maps. The S-box so constructed has very optimal nonlinearity, bit independence criterion (BIC), strict avalanche criterion (SAC), differential and linear approximation probabilities. The proposed S-box is more secure against differential and linear cryptanalysis compared to recently proposed chaotic S-boxes.     

A new digital signature scheme based on chaotic maps

In the present e-commerce and e-government era, digital signatures have become more and more important. Digital signature algorithms can be categorized based on the type of security suppositions, for example discrete logarithm, factorization hard-problems, and elliptic curve cryptography, which are all currently believed to be unsolvable in a reasonable time period. Recently, cryptosystems based on chaotic maps have been proposed. Due to some subtle and close relationships between the properties of traditional cryptosystems and chaotic systems, the idea of chaotic systems with applications to cryptography has received a great deal of attention from researchers from a variety of disciplines. Therefore, to enhance system security, we explore the implementation of a digital signature algorithm based on both cryptographic and chaotic system characteristics. We also give a proof that the security of the proposed scheme can protect against the known key attacks.