JISE


  [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ 12 ] [ 13 ] [ 14 ] [ 15 ]


Journal of Information Science and Engineering, Vol. 34 No. 2, pp. 371-390


Improvement on a Chaotic Map-based Mutual Anonymous Authentication Protocol


CHIEN-MING CHEN1, WEICHENG FANG1, SHUAI LIU1, TSU-YANG WU2,3,  JENG-SHYANG PAN2,3 AND KING-HANG WANG4,*
1Harbin Institute of Technology Shenzhen Graduate School
Shenzhen, 518055 P.R. China
E-mail: chienming@hit.edu.cn; fangwc15@163.com; liush000@hotmail.com

2Fujian Provincial Key Lab of Big Data Mining and Applications
3National Demonstration Center for Experimental Electronic Information
and Electrical Technology Education Fujian University of Technology
Fuzhou, 350118 P.R. China
E-mail: wutsuyang@gmail.com; jspan@cc.kuas.edu.tw

4,*Department of Computer Science and Engineering Hong Kong University of Science and Technology
Hong Kong, P.R. China
E-mail: kevinw@cse.ust.hk 


    Designing a secure anonymous authentication protocol is never an easy task where anonymity and authenticity are sometime conflicting to each other. Zhou et al. addressed the privacy requirement in their proposed three-party password-based authenticated key exchange (3PAKE) protocols using chaotic maps. Unfortunately, in this paper, we show that their protocol is vulnerable to a man-in-the-middle attack, an off-line password guessing attack, and a replay attack. To enhance the security, we propose a secure chaotic map-based 3PAKE protocol with mutual anonymity. Moreover, the security of our protocol is proved in the random oracle model. Also, analysis shows that the proposed scheme is more secure with similar performance. 
 


Keywords: chaotic map, authentication protocol, mutual anonymity, cryptanalysis, network security

  Retrieve PDF document (JISE_201802_04.pdf)