An extended chaotic-maps-based protocol with key agreement for multiserver environments

  • Original Paper
  • Published in: Nonlinear Dynamics

Abstract

Due to the rapid development and growth of computer networks, demand for remote password authentication protocols keeps increasing. Recently, the focus has been on protocols for multiserver environments that run on smart cards. These protocols typically rely on a nonce or timestamp to protect against replay attacks. However, as Tsaur et al. pointed out, these protocols have security issues such as disturbance in clock synchronization and vulnerability to the man-in-the-middle attack. To solve these problems, Tsaur et al. proposed a multiserver authentication scheme with key agreement in 2012, and they claimed that their scheme could effectively achieve password-authenticated key agreement while getting around the technical difficulty of implementing clock synchronization in multiserver environments. Unfortunately, we found that Tsaur et al.’s protocol still has the following weaknesses: (1) inability to resist privileged insider attack, (2) inability to resist known-plaintext attack, (3) inability to provide user anonymity, and (4) lack of perfect forward secrecy. To fix these security flaws in Tsaur et al.’s protocol, in this paper we propose an improved multiserver authentication protocol with key agreement based on extended chaotic maps. We also offer a formal proof of smooth execution of the improved authenticated key agreement protocol.

References

  1. Bergamo, P., D’Arco, P., De Santis, A., Kocarev, L.: Security of public-key cryptosystems based on Chebyshev polynomials. IEEE Trans. Circuits Syst. I, Regul. Pap. 52(7), 1382–1393 (2005)

  2. Burrows, M., Abadi, M., Needham, R.M.: A logic of authentication. Proc. R. Soc. Lond. Ser. A, Math. Phys. Sci. 426(1871), 233–271 (1989)

  3. Chang, C.-C., Hwang, S.-J.: Using smart cards to authenticate remote passwords. Comput. Math. Appl. 26(7), 19–27 (1993)

  4. Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)

  5. Han, S., Chang, E.: Chaotic map based key agreement with/out clock synchronization. Chaos Solitons Fractals 39(3), 1283–1289 (2009)

  6. He, D., Chen, Y., Chen, J.: Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol. Nonlinear Dyn. 69(3), 1149–1157 (2012)

  7. He, D., Ma, M., Zhang, Y., Chen, C., Bu, J.: A strong user authentication scheme with smart cards for wireless communications. Comput. Commun. 34(3), 367–374 (2011)

  8. He, H., Wu, S., Chen, J.: Note on design of improved password authentication and update scheme based on elliptic curve cryptography. Math. Comput. Model. 55(3–4), 1661–1664 (2012)

  9. Hwang, M.-S., Li, L.-H.: A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 46(1), 28–30 (2000)

  10. Hwang, C.-L., Shih, C.-Y.: A distributed active-vision network-space approach for the navigation of a car-like wheeled robot. IEEE Trans. Ind. Electron. 56(3), 846–855 (2009)

  11. Juang, W.-S.: Efficient multi-server password authenticated key agreement using smart cards. IEEE Trans. Consum. Electron. 50(1), 251–255 (2004)

  12. Juang, W.-S., Chen, S.-T., Liaw, H.-T.: Robust and efficient password-authenticated key agreement using smart cards. IEEE Trans. Ind. Electron. 55(6), 2551–2556 (2008)

  13. Kohl, J.T., Neuman, B.C., Theodore, Y.: The evolution of the Kerberos authentication service. In: Distributed Open Systems, pp. 78–94. IEEE Computer Society Press, Los Alamitos (1994)

  14. Lee, C.-C.: On security of an efficient nonce-based authentication scheme for SIP. Int. J. Netw. Secur. 9(3), 201–203 (2009)

  15. Lee, C.-C., Chen, C.-L., Wu, C.-Y., Huang, S.-Y.: An extended chaotic maps-based key agreement protocol with user anonymity. Nonlinear Dyn. 69(1–2), 79–87 (2012)

  16. Lee, C.-C., Hsu, C.-W.: A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps. Nonlinear Dyn. 71(1–2), 201–211 (2013)

  17. Lee, C.-C., Hwang, M.-S., Liao, I.-E.: Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE Trans. Ind. Electron. 53(5), 1683–1687 (2006)

  18. Lee, C.-C., Li, C.-T., Chang, R.-X.: A simple and efficient authentication scheme for mobile satellite communication systems. Int. J. Satell. Commun. Netw. 30(1), 29–38 (2012)

  19. Lee, C.-C., Liu, C.-H., Hwang, M.-S.: Guessing attacks on strong-password authentication protocol. Int. J. Netw. Secur. 15(1), 64–67 (2013)

  20. Li, C.-T., Lee, C.-C.: A robust remote user authentication scheme using smart card. Inf. Technol. Control 40(3), 236–245 (2011)

  21. Li, C.-T., Lee, C.-C., Weng, C.-Y., Fan, C.-I.: An extended multi-server-based user authentication and key agreement scheme with user anonymity. KSII Trans. Internet Inf. Syst. 7(1), 119–131 (2013)

  22. Li, L.-H., Lin, I.-C., Hwang, M.-S.: A remote password authentication scheme for multi-server architecture using neural networks. IEEE Trans. Neural Netw. 12(6), 1498–1504 (2001)

  23. Lin, I.-C., Hwang, M.-S., Li, L.-H.: A new remote user authentication scheme for multi-server architecture. Future Gener. Comput. Syst. 19(1), 13–22 (2003)

  24. Mason, J.C., Handscomb, D.C.: Chebyshev Polynomials. Chapman & Hall/CRC Press, London (2003)

  25. Menkus, B.: Understanding the use of passwords. Comput. Secur. 7(2), 132–136 (1988)

  26. Sheu, L.-J.: A speech encryption using fractional chaotic systems. Nonlinear Dyn. 65(1–2), 103–108 (2011)

  27. Sun, D.-Z., Huai, J.-P., Sun, J.-Z., Li, J.-X., Zhang, J.-W., Feng, Z.-Y.: Improvements of Juang’s password-authenticated key agreement scheme using smart cards. IEEE Trans. Ind. Electron. 56(6), 2284–2291 (2009)

  28. Tan, Z.: A chaotic maps-based authenticated key agreement protocol with strong anonymity. Nonlinear Dyn. 72(1), 311–320 (2013)

  29. Tsai, J.-L.: Efficient multi-server authentication scheme based on one-way hash function without verification table. Comput. Secur. 27(3–4), 115–121 (2008)

  30. Tsai, C.-S., Lee, C.-C., Hwang, M.-S.: Password authentication schemes: current status and key issues. Int. J. Netw. Secur. 3(2), 101–115 (2006)

  31. Tsaur, W.-J., Li, J.-H., Lee, W.-B.: An efficient and secure multi-server authentication scheme with key agreement. J. Syst. Softw. 85(4), 876–882 (2012)

  32. Vaidya, B., Park, J.-H., Yeo, S.-S., Rodrigues, J.J.P.C.: Robust one-time password authentication scheme using smart card for home network environment. Comput. Commun. 34(3), 326–336 (2011)

  33. Wang, X., Wang, X., Zhao, J., Zhang, Z.: Chaotic encryption algorithm based on alternant of stream cipher and block cipher. Nonlinear Dyn. 63(4), 587–597 (2011)

  34. Wang, X.-Y., Yang, L., Liu, R., Kadir, A.: A chaotic image encryption algorithm based on perceptron model. Nonlinear Dyn. 62(3), 615–621 (2010)

  35. Wessels, J.: Application of BAN-Logic, CMG Public Sector B.V. (2001). Available at http://www.win.tue.nl/ipa/archive/springdays2001/banwessels.pdf. Access date: 2013/4/22

  36. Xiao, D., Liao, X., Deng, S.: One-way Hash function construction based on the chaotic map with changeable-parameter. Chaos Solitons Fractals 24(1), 65–71 (2005)

  37. Xiao, D., Shih, F., Liao, X.: A chaos-based hash function with both modification detection and localization capabilities. Commun. Nonlinear Sci. Numer. Simul. 15(9), 2254–2261 (2010)

  38. Yoon, E.-J., Yoo, K.-Y.: Cryptanalysis of robust e-mail protocols with perfect forward secrecy. IEEE Commun. Lett. 11(5), 372–374 (2007)

  39. Zhang, L.: Cryptanalysis of the public key encryption based on multiple chaotic systems. Chaos Solitons Fractals 37(3), 669–674 (2008)

Acknowledgements

The authors would like to express their appreciation to the anonymous referees for their valuable suggestions and comments. This research was partially supported by the National Science Council, Taiwan, ROC, under contract no. NSC102-2221-E-030-003.

Author information

Correspondence to Der-Chyuan Lou or Chun-Ta Li.

Additional information

D.-C. Lou and C.-C. Lee contributed equally to this work.

About this article

Cite this article

Lee, CC., Lou, DC., Li, CT. et al. An extended chaotic-maps-based protocol with key agreement for multiserver environments. Nonlinear Dyn 76, 853–866 (2014). https://doi.org/10.1007/s11071-013-1174-3

  • DOI: https://doi.org/10.1007/s11071-013-1174-3
