Top

Wireless Personal Communications

Published in:

07-02-2017

An Improved and Secure Chaotic-Map Based Multi-server Authentication Protocol Based on Lu et al. and Tsai and Lo’s Scheme

Authors: Azeem Irshad, Muhammad Sher, Muhammad Usman Ashraf, Bander A. Alzahrani, Fan Wu, Qi Xie, Saru Kumari

Published in: Wireless Personal Communications | Issue 3/2017

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The simple password based authentication techniques have been evolving into more secure and advanced protocols, capable of countering the advanced breed of threats. Following this development, the multi-server authentication (MSA), lets subscribers the provision of services from various service providers out of a single registration performed initially. The user seeks to register from registration centre first, and could avail a range of services onwards. The research efforts on MSA based framework, for making it lightweight and security resilient, has been going on a reasonable pace. However, yet we have not come up with a framework that can be relied upon for deployment in an access network bearing nodes that demand low computational cost. Recently, in this regard, Tsai and Lo presented a chaotic map-based multi-server authentication protocol. However, the Tsai and Lo scheme is found vulnerable to key-compromise impersonation attack, Bergamo et al. and password guessing attack by Lu et al. In return, Lu et al. presented a model countering the flaws of Tsai and Lo scheme. We review both schemes and found that Tsai et al. is still vulnerable to more threats, and at the same time, we demonstrate that Lu et al. is also vulnerable to RC-spoofing attack, replay attack, anonymity failure and bears some technical flaws. In this paper, we propose a secure and efficient scheme improved upon Tsai et al. protocol. Besides, this study work presents the formal security analysis using BAN logic and performance efficiency has also been evaluated against contemporary protocols.

previous article Beamforming with a Simple Adaptive Partial Feedback Method in Cooperative Cognitive Radio Networks

next article A Novel Queen Honey Bee Migration (QHBM) Algorithm for Sink Repositioning in Wireless Sensor Network

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Xiao, D., Liao, X., & Deng, S. (2008). Using time-stamp to improve the security of a chaotic maps-based key agreement protocol. Information Sciences, 178, 1598–11602.MathSciNetCrossRefMATH

Han, S. (2008). Security of a key agreement protocol based on chaotic maps. Chaos, Solitons & Fractals, 38, 764–768.MathSciNetCrossRefMATH

Xiao, D., Liao, X., & Deng, S. (2007). A novel key agreement protocol based on chaotic maps. Information Sciences, 177, 1136–1142.MathSciNetCrossRef

Xiang, T., Wong, K., & Liao, X. (2009). On the security of a novel key agreement protocol based on chaotic maps. Chaos, Solitons & Fractals, 40(2), 672–675.CrossRefMATH

Han, S., & Chang, E. (2009). Chaotic map based key agreement with/out clock synchronization. Chaos, Solitons & Fractals, 39, 1283–1289.MathSciNetCrossRefMATH

Yoon, E. J., & Yoo, K. Y. (2008). A new key agreement protocol based on chaotic maps. In N. T. Nguyen, G. S. Jo, R. J. Howlett, & L. C. Jain (Eds.), Agent and multi-agent systems: Technologies and applications (pp. 897–906). Springer: Heidelberg.CrossRef

Gong, P., Li, P., & Shi, W. B. (2012). A secure chaotic maps-based key agreement protocol without using smart cards. Nonlinear Dynamics, 70(4), 2401–2406.MathSciNetCrossRef

Guo, X., & Zhang, J. (2010). Secure group key agreement protocol based on chaotic hash. Information Sciences, 180, 4069–4074.MathSciNetCrossRefMATH

Niu, Y., & Wang, X. (2011). An anonymous key agreement protocol based on chaotic maps. Communications in Nonlinear Science and Numerical Simulation, 16(4), 1986–1992.MathSciNetCrossRefMATH

10.

Wang, X., & Zhao, J. (2010). An improved key agreement protocol based on chaos. Communications in Nonlinear Science and Numerical Simulation, 15(12), 4052–4057.MathSciNetCrossRefMATH

11.

Tseng, H., Jan, R., & Yang, W. (2009). A chaotic maps-based key agreement protocol that preserves user anonymity. In IEEE international conference on communications (ICC09) (pp. 1–6).

12.

He, D., Chen, Y., & Chen, J. H. (2012). Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol. Nonlinear Dynamics, 69(3), 1149–1157.MathSciNetCrossRefMATH

13.

Chaudhry, S. A., Naqvi, H., Mahmood, K., Ahmad, H. F., & Khan, M. K. (2016). An improved remote user authentication scheme using elliptic curve cryptography. Wireless Personal Communication. doi:10.1007/s11277-016-3745-3.

14.

Khan, I., Chaudhry, S. A., Sher, M., Khan, J. I., & Khan, M. K. (2016). An anonymous and provably secure biometric based authentication scheme using chaotic maps for accessing medical drop box data. Journal of Supercomputing. doi:10.1007/s11227-016-1886-5.

15.

Guo, C., & Chang, C. C. (2013). Chaotic maps-based password-authenticated key agreement using smart cards. Communications in Nonlinear Science and Numerical Simulation, 18(6), 1433–1440.MathSciNetCrossRefMATH

16.

Yoon, E. J. (2012). Efficiency and security problems of anonymous key agreement protocol based on chaotic maps. Communications in Nonlinear Science and Numerical Simulation, 17(7), 2735–2740.MathSciNetCrossRefMATH

17.

Chaudhry, S. A. (2016). A secure biometric based multi-server authentication scheme for social multimedia networks. Multimedia Tools and Applications. doi:10.1007/s11042-015-3194-0.

18.

Lee, C. C., Li, C. T., & Hsu, C. W. (2013). A three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps. Nonlinear Dynamics, 73(1–2), 125–132.MathSciNetCrossRefMATH

19.

Chaudhry, S. A., Naqvi, H., Sher, M., Farash, M. S., & Hassan, M. U. (2015). An improved and provably secure privacy preserving authentication protocol for SIP. Peer to Peer Networking and Applications. doi:10.1007/s12083-015-0400-9.

20.

Chaudhry, S. A., Naqvi, H., Shon, T., Sher, M., & Farash, M. S. (2015). Cryptanalysis and improvement of an improved two factor authentication protocol for telecare medical information systems. Journal of Medical Systems. doi:10.1007/s10916-015-0244-0.

21.

Chaudhry, S. A., Farash, M. S., Naqvi, H., Kumari, S., & Khan, M. K. (2015). An enhanced privacy preserving remote user authentication scheme with provable security. Security and Communication Networks. doi:10.1002/sec.1299.

22.

Kocarev, L. (2001). Chaos-based cryptography: a brief overview. IEEE Circuits and Systems Magazine, 1(3), 6–21.MathSciNetCrossRef

23.

Baptista, M. S. (1998). Cryptography with chaos. Physics Letters A, 240(1–2), 50–54.MathSciNetCrossRefMATH

24.

Xiao, D., Liao, X., & Deng, S. (2005). One-way hash function construction based on the chaotic map with changeable parameter. Chaos, Solitons & Fractals, 24, 65–71.MathSciNetCrossRefMATH

25.

Wang, Y., Wong, K., Liao, X., & Xiang, T. (2009). A block cipher with dynamic s-boxes based on tent map. Communications in Nonlinear Science and Numerical Simulation, 14(7), 3089–3099.MathSciNetCrossRefMATH

26.

Chen, G., Chen, Y., & Liao, X. (2007). An extended method for obtaining s-boxes based on three-dimensional chaotic Baker maps. Chaos, Solitons & Fractals, 31, 571–579.MathSciNetCrossRefMATH

27.

Juang, W. S. (2004). Efficient multi-server password authenticated key agreement using smart cards. IEEE Transactions on Consumer Electronics, 50(1), 251–255.CrossRef

28.

Chang, C. C., & Lee, J. S. (2004). An efficient and secure multi-server password authentication scheme using smart card. In Proceedings of the international conference on cyberworlds (pp. 417–422).

29.

Li, L. H., Lin, I. C., & Hwang, M. S. (2001). A remote password authentication scheme for multi-server architecture using neural networks. IEEE Transactions on Neural Networks, 12(6), 1498–1504.CrossRef

30.

Yeh, K. H., & Lo, N. W. (2010). A novel remote user authentication scheme for multi-server environment without using smart cards. International Journal of Innovative Computing Information and Control, 6(8), 3467–3478.

31.

Lee, J. S., Chang, Y. F., & Chang, C. C. (2008). A novel authentication protocol for multi-server architecture without smart cards. International Journal of Innovative Computing Information and Control, 4(6), 1357–1364.MathSciNet

32.

Tsai, J. L. (2008). Efficient multi-server authentication scheme based on one-way hash function without verification table. Computers & Security, 27(3–4), 115–121.CrossRef

33.

Khan, M. K., & He, D. (2012). A new dynamic identity-based authentication protocol for multi-server environment using elliptic curve cryptography. Security and Communication Networks, 5(11), 1260–1266.

34.

Li, X., Xiong, Y., Ma, J., & Wang, W. (2012). An enhanced and security dynamic identity based authentication protocol for multiserver architecture using smart cards. Journal of Network and Computer Applications, 35(2), 763–769.CrossRef

35.

Yeh, K. H., Lo, N. W., & Li, Y. (2011). Cryptanalysis of Hsiang-Shih’s authentication scheme for multi-server architecture. International Journal of Communication Systems, 24(7), 829–836.CrossRef

36.

Tsai, J. L., & Lo, N. W. (2015). A chaotic map-based anonymous multi-server authenticated key agreement protocol using smart card. International Journal of Communication Systems, 28(13), 1955–1963.CrossRef

37.

Han, W. (2012). Weaknesses of a dynamic identity based authentication protocol for multi-server architecture. arXiv:1201.0883v1, 2012. http://arxiv.org/abs/1201.0883.

38.

Tsai, J. L., Lo, N. W., & Wu, T. C. (2013). A new password-based multi-server authentication scheme robust to password guessing attacks. Wireless Personal Communications. doi:10.1007/s11277-012-0918-6.

39.

Lu, Y., Li, L., Peng, H., & Yang, Y. (2016). Cryptanalysis and improvement of a chaotic maps-based anonymous authenticated key agreement protocol for multiserver architecture. Security and Communication Networks, 9, 1321–1330.CrossRef

40.

Dodis, Y., Reyzin, L., & Smith, A. (2004). Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. Advances in Cryptology—EUROCRYPT, 3027, 523–540. doi:10.1007/978-3-540-24676-3_31.MathSciNetMATH

Title: An Improved and Secure Chaotic-Map Based Multi-server Authentication Protocol Based on Lu et al. and Tsai and Lo’s Scheme
Authors: Azeem Irshad
Muhammad Sher
Muhammad Usman Ashraf
Bander A. Alzahrani
Fan Wu
Qi Xie
Saru Kumari
Publication date: 07-02-2017
Publisher: Springer US
Published in: Wireless Personal Communications / Issue 3/2017
Print ISSN: 0929-6212
Electronic ISSN: 1572-834X
DOI: https://doi.org/10.1007/s11277-017-3990-0

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 3/2017

Energy Efficient Approach in Wireless Sensor Networks Using Game Theoretic Approach and Ant Colony Optimization

Optimal Representation of Large-Scale Graph Data Based on K2-Tree

Beamforming with a Simple Adaptive Partial Feedback Method in Cooperative Cognitive Radio Networks

Improving the Physical Layer Security in Cooperative Networks with Multiple Eavesdroppers

Effective SINR for MIMO System with Decorrelation Based Receive Transformation Under Multi-user Interference

Reliable and Energy Efficient Communication Algorithm in Hierarchical Wireless Sensor Networks