Cryptanalysis and enhancement of a chaotic maps-based three-party password authenticated key exchange protocol

被引：13

作者：

Hu, Xuexian ^{[1
,2
]}

Zhang, Zhenfeng ^{[1
]}

机构：

[1] Chinese Acad Sci, Inst Software, Trusted Comp & Informat Assurance Lab, Beijing, Peoples R China

[2] State Key Lab Math Engn & Adv Comp, Zhengzhou, Peoples R China

来源：

NONLINEAR DYNAMICS | 2014年 / 78卷 / 02期

基金：

中国博士后科学基金; 国家高技术研究发展计划(863计划); 中国国家自然科学基金;

关键词：

Chaotic maps; Key exchange protocol; Anonymity; Man-in-the-middle attack;

D O I：

10.1007/s11071-014-1515-x

中图分类号：

TH [机械、仪表工业];

学科分类号：

0802 ;

摘要：

Recently, Lee et al. (Nonlinear Dyn, 73(1-2):125-132, 2013) proposed a three party password authenticated key exchange with user anonymity by utilizing extended chaotic maps. They claimed that their protocol is more secure than previously proposed schemes. In this paper, our analysis shows that Lee et al.'s protocol suffers from two kinds of attacks: (1) man-in-the-middle attack, and (2) user anonymity attack. To overcome these weakness, we propose an enhanced protocol that can resist the attacks described and yet with comparable efficiency.

引用

页码：1293 / 1300

页数：8

共 13 条

[1] Abdalla M, 2005, LECT NOTES COMPUT SC, V3376, P191
[2] Chang YF, 2008, INT J INNOV COMPUT I, V4, P953
[3] Three weaknesses in a simple three-party key exchange protocol
Chung, Hao-Rung
Ku, Wei-Chi
[J]. INFORMATION SCIENCES, 2008, 178 (01) : 220 - 229
[4] Cryptanalysis of simple three-party key exchange protocol
Guo, Hua
Li, Zhoujun
Mu, Yi
Zhang, Xiyong
[J]. COMPUTERS & SECURITY, 2008, 27 (1-2) : 16 - 21
[5] He DB, 2010, INFORM-J COMPUT INFO, V34, P337
[6] A simple three-party password-based key exchange protocol
Huang, Hui-Feng
[J]. INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS, 2009, 22 (07) : 857 - 862
[7] A three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps
Lee, Cheng-Chi
Li, Chun-Ta
Hsu, Che-Wei
[J]. NONLINEAR DYNAMICS, 2013, 73 (1-2) : 125 - 132
[8] Simple three-party key exchange protocol
Lu, Rongxing
Cao, Zhenfu
[J]. COMPUTERS & SECURITY, 2007, 26 (01) : 94 - 97
[9] An Off-Line Dictionary Attack on a Simple Three-Party Key Exchange Protocol
Nam, Junghyun
Paik, Juryon
Kang, Hyun-Kyu
Kim, Ung Mo
Won, Dongho
[J]. IEEE COMMUNICATIONS LETTERS, 2009, 13 (03) : 205 - 207
[10] Cryptanalysis of simple three-party key exchange protocol (S-3PAKE)
Phan, Raphael C. -W.
Yau, Wei-Chuen
Gol, Bok-Min
[J]. INFORMATION SCIENCES, 2008, 178 (13) : 2849 - 2856

← 1 2 →