Chaotic map based key agreement with/out clock synchronization

Abstract

In order to address Bergamo et al.’s attack, Xiao et al. proposed a key agreement protocol using chaotic maps. Han then presented three attacks on Xiao et al.’s protocol. To enhance the security of key agreement based on chaotic maps, Chang et al. proposed a new key agreement using passphrase, which works in clock synchronization environment. However, their protocol still has some issues: one is its passphrase is not easy to remember and much longer than password; the second one is it cannot resist guessing attack if the constructed passphrase is easy to remember and also has already existed in some rational dictionaries; the third one is it cannot work without clock synchronization. In this paper, we will present two different key agreement protocols, which can resist guessing attack. The first one works in clock synchronization environment. The second one can work without clock synchronization. They both use authenticated password for secure communications. The protocols are secure against replaying attacks and a shared session key can be established.

Introduction

A key agreement/exchange protocol is a protocol which enables two or more parties to agree on a key or exchange some information in such a way that both of them decide on the established session key. If properly done, this precludes undesired third-parties from forcing a key choice on the agreeing/exchanging parties. Protocols which are useful in practice also do not reveal to any eavesdropping party what key has been agreed upon or exchanged.

A secure key agreement protocol can help communication parties to establish a shared secret session key [1], [8], [16]. The communication parties then use the shared session key for subsequent communications. Therefore, building secure key agreement protocols over public channel is one of the primitive goals in information security. Since Diffie and Hellman created the first key agreement protocol [7], some key agreement protocols have been proposed. However, most of the existing key agreement protocols are based on number theory [16].

In recent years, chaos as a universal, random-like and robust phenomenon has received significant concern and research from multidisciplinary areas [2], [3], [6], [9], [14], e.g. from physical science to computer science, from electric engineering to telecommunication, and from mathematics to non-linear science.

One of the successful and significant interdisciplinary applications for chaos is in secure communications [1], [3], [5], [8], [10], [12], [15]. Currently, there have been two main approaches to the use of chaotic systems in designing cryptosystems: the analog one and the digital one. The analog approach uses hardware-based synchronized chaotic circuits where, chaos synchronization is achieved [4], [6], [9]. The digital one is designed for digital computer with chaotic discrete dynamical systems [5], [10].

Kocarev et al. created new encryption system, which was a cryptographic system using chaotic maps, especially Chebyshev chaotic maps [10]. Following Kocarev et al.’s work which applied chaotic map to information security, Xiao et al. proposed a key agreement. Bergamo et al. then developed an attack on the protocol. To improve the security of key agreement based on chaotic maps, Xiao et al. further used chaotic maps to propose a new key agreement protocol [13]. However, their new protocol has been compromised by Han’s method [8]. Subsequently, Chang et al. proposed a new key agreement protocol using chaotic map and passphrase [5]. Chang et al.’s protocol addressed the security issues in previous key agreement using chaotic maps. However, their protocol can only work in clock synchronization environment.

Therefore, in order to enhance the security and extend the flexibility and the usability, in this paper, we will develop two new key agreement protocols which both use chaotic maps. Further, the proposed key agreements will have the following properties: (1) The first one works with clock synchronization. The second one works without clock synchronization; (2) The two protocols can resist guessing attack; (3) The private keys can be not so large numbers as 2048 bit-length; (4) The two communication parties are mutually authenticated; (5) The communication parties use authenticated password for secure communications; (6) If there exists a replaying attacker interfering with the communication, they can still establish a shared session key securely.