KSII Transactions on Internet and Information Systems (TIIS)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

A Novel Two-party Scheme against Off-line Password Guessing Attacks using New Theorem of Chaotic maps

  • Received : 2017.05.09
  • Accepted : 2017.08.01
  • Published : 2017.12.31
Download PDF
⟨ Previous Next ⟩

Abstract

Over the years, more password-based authentication key agreement schemes using chaotic maps were susceptible to attack by off-line password guess attack. This work approaches this problem by a new method--new theorem of chaotic maps: $T_{a+b}(X)+T_{a-b}(X)=2T_a(X)T_b(X)$,(a>b). In fact, this method can be used to design two-party, three-party, even in N-party intelligently. For the sake of brevity and readability, only a two-party instance: a novel Two-party Password-Authenticated Key Agreement Protocol is proposed for resisting password guess attack in this work. Compared with the related literatures recently, our proposed scheme can be not only own high efficiency and unique functionality, but is also robust to various attacks and achieves perfect forward secrecy. For capturing improved ratio of security and efficiency intuitively, the paper firstly proposes a new parameter called security/efficiency ratio(S/E Ratio). The higher the value of the S/E Ratio, the better it is. Finally, we give the security proof and the efficiency analysis of our proposed scheme.

Keywords

References

  1. Whitfield Diffie, Martin E.Hellman, "New directions in cryptography," IEEE Trans. Inf. Theory, vol. 22, no. 6, pp. 644-654, November, 1976. https://doi.org/10.1109/TIT.1976.1055638
  2. M. S. Baptista, "Cryptography with chaos," Physics Letters A, vol. 240, no. 1, pp. 50-54, Mar. 1998. https://doi.org/10.1016/S0375-9601(98)00086-3
  3. X.F.Guo and J.Zhang, "Secure group key agreement protocol based on chaotic Hash," Information Sciences, vol. 180, no. 20, pp. 4069-4074, Otc. 2010. https://doi.org/10.1016/j.ins.2010.06.013
  4. Tian-Fu Lee, "Enhancing the security of password authenticated key agreement protocols based on chaotic maps," Inf. Sci. vol. 290, pp. 63-71 , January, 2015. https://doi.org/10.1016/j.ins.2014.08.041
  5. Yu Liu, Kaiping Xue, "An improved secure and efficient password and chaos-based two-party key agreement protocol," Nonlinear Dyn. vol. 84, no. 2, pp. 549-557, November, 2015.
  6. Hongfeng Zhu, "A Provable One-way Authentication Key Agreement Scheme with User Anonymity for Multi-server Environment," KSII Transactions on Internet & Information Systems, vol. 9, no. 2, pp. 811-829, Feb. 2015. https://doi.org/10.3837/tiis.2015.02.019
  7. Hongfeng Zhu, "Sustained and Authenticated of a Universal Construction for Multiple Key Agreement Based on Chaotic Maps with Privacy Preserving," Journal of Internet Technology, vol. no.5, pp. 1-10, September, 2016.
  8. Ozkaynak Fatih, "Cryptographically secure random number generator with chaotic additional input," Nonlinear Dynamics, vol. 78, no. 3, pp. 2015-2020, Jul. 2014. https://doi.org/10.1007/s11071-014-1591-y
  9. Chen Jianyong, J. Zhou, and K. W. Wong. "A Modified Chaos-Based Joint Compression and Encryption Scheme." IEEE Transactions on Circuits & Systems II Express Briefs, vol. 58, no. 2, pp. 110-114, Feb. 2011. https://doi.org/10.1109/TCSII.2011.2106316
  10. P. Bergamo, P. DArco, A. De Santis, and L. Kocarev, "Security of public-key cryptosystems based on Chebyshev polynomials," IEEE Transactions on Circuits and Systems I: Regular Papers, vol. 52, no. 7, pp. 1382-1393, Jul. 2005. https://doi.org/10.1109/TCSI.2005.851701
  11. S.J. Xu, X.B. Chen, R. Zhang, Y.X. Yang, and Y.C. Guo, "An improved chaotic cryptosystem based on circular bit shift and XOR operations," Physics Letters A, vol. 376, no. 10-11, pp. 1003-1010, Feb. 2012. https://doi.org/10.1016/j.physleta.2012.01.040
  12. K. Chain and W.C. Kuo, "A new digital signature scheme based on chaotic maps," Nonlinear Dynamics, vol. 74, no. 4, pp. 1003-1012, Aug. 2013. https://doi.org/10.1007/s11071-013-1018-1
  13. Z. Tan, J. Ning, Y. Liu, X. Wang, G. Yang, and W. Yang, "ECRModel: An Elastic Collision-Based Rumor-Propagation Model in Online Social Networks," IEEE Access, vol. 4, pp. 6105-6120, September, 2016. https://doi.org/10.1109/ACCESS.2016.2612298
  14. Hongfeng Zhu, "A provable privacy-protection system for multi-server environment," Nonlinear Dynamics, vol. 82, no. 1-2, pp. 835-849, Jun. 2015. https://doi.org/10.1007/s11071-015-2198-7
  15. Hongfeng Zhu, "Flexible and Password-Authenticated Key Agreement Scheme Based on Chaotic Maps for Multiple Servers to Server Architecture," Wireless Personal Communications, vol. 82, no. 3, pp. 1697-1718, Jan. 2015. https://doi.org/10.1007/s11277-015-2307-4
  16. D. Dolev and A. C. Yao, "On the security of public key protocols," IEEE Transactions on Information Theory, vol.29, no. 2, pp.198-208, Oct. 1981. https://doi.org/10.1109/TIT.1983.1056650
  17. S. H. Islam, "Provably secure dynamic identity-based three-factor password authentication scheme using extended chaotic maps," Nonlinear Dynamics, vol. 78, no. 3, pp. 2261-2276, Jul. 2014. https://doi.org/10.1007/s11071-014-1584-x
  18. X. Wang and J. Zhao, "An improved key agreement protocol based on chaos," Communications in Nonlinear Science and Numerical Simulation, vol. 15, no. 12, pp. 4052-4057, Dec. 2010. https://doi.org/10.1016/j.cnsns.2010.02.014
  19. L. Zhang, "Cryptanalysis of the public key encryption based on multiple chaotic systems," Chaos, Solitons & Fractals, vol. 37, no. 3, pp. 669-674, Aug. 2008. https://doi.org/10.1016/j.chaos.2006.09.047
  20. L. Kocarev and S. Lian, Chaos-Based Cryptography. Springer Berlin Heidelberg, 2011.
  21. D. Mishra and S. Mukhopadhyay, "Cryptanalysis of Pairing-Free Identity-Based Authenticated Key Agreement Protocols," Lecture Notes in Computer Science, vol. 8303, pp. 247-254, 2013.
  22. D. Mishra, A. K. Das, A. Chaturvedi, and S. Mukhopadhyay, "A secure password-based authentication and key agreement scheme using smart cards,"Journal of Information Security and Applications, vol. 23, pp. 28-43, Aug. 2015. https://doi.org/10.1016/j.jisa.2015.06.003
  23. J. Srinivas, S. Mukhopadhyay, and D. Mishra, "A Self-Verifiable Password Based Authentication Scheme for Multi-Server Architecture Using Smart Card," Wireless Personal Communications, pp. 1-25, May, 2017.

Cited by

  1. An Automatically Iterated One-Time Basis Authenticated Scheme Against Relay Attack vol.109, pp.3, 2017, https://doi.org/10.1007/s11277-019-06656-9