# Improvement in new three-party-authenticated key agreement scheme based on chaotic maps without password table

- 54 Downloads

## Abstract

A three-party-authenticated key agreement (3PAKA) scheme allows two participants to establish shared secure session key (3SK) via trusted server over a public network. Recently, Lee et al. (Nonlinear Dyn 79(4):2485–2495, 2015) proposed a new 3PAKA protocol based on chaotic maps without password table. They claimed that the proposed scheme can establish a common session key among two users with security and users anonymity. Unfortunately, Lee et al.’s scheme is vulnerable to impersonation attack when the adversary is an internal user. Furthermore, in this paper, we will prove that Lee et al.’s scheme cannot guarantee user anonymity. To exhibit these flaws, we apply an automatic protocol verifier tool, Proverif. Therefore, we have put forward some improvements to overcome the weaknesses of Lee et al.’s protocol. We apply Proverif to show that the proposed improvement can satisfy security and authentication properties. The performance analysis shows that the proposed enhancement is efficient.

## Keywords

Key agreement protocol Anonymity Chebyshev chaotic map User impersonation attack Protocol security## Notes

### Compliance with ethical standards

### Conflict of interest

The authors declare that they have no conflict of interest.

## References

- 1.Niu, Y., Wang, X.: An anonymous key agreement protocol based on chaotic maps. Commun. Nonlinear Sci. Numer. Simul.
**16**(4), 1986–1992 (2011)MathSciNetzbMATHGoogle Scholar - 2.Menezes, A., Van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)zbMATHGoogle Scholar
- 3.Lee, C.C., Chen, C.L., Wu, C.Y., Huang, S.Y.: An extended chaotic maps-based key agreement protocol with user anonymity. Nonlinear Dyn.
**69**(12), 7987 (2012)MathSciNetzbMATHGoogle Scholar - 4.Lee, C.C., Hsu, C.W.: A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps. Nonlinear Dyn.
**71**, 201–211 (2012). https://doi.org/10.1007/s11071-012-0652-3 MathSciNetGoogle Scholar - 5.Wang, X., Yang, L., Liu, R.: A chaotic image encryption algorithm based on perceptron model. Nonlinear Dyn.
**62**, 615–621 (2010)zbMATHGoogle Scholar - 6.Wang, X., Wang, X., Zhao, J.: Chaotic encryption algorithm based on alternant of stream cipher and block cipher. Nonlinear Dyn.
**63**, 587–597 (2011)MathSciNetGoogle Scholar - 7.Jye, S.: A speech encryption using fractional chaotic systems. Nonlinear Dyn.
**65**, 103–108 (2011)MathSciNetzbMATHGoogle Scholar - 8.Xue, K., Hong, P.: Security improvement on an anonymous key agreement protocol based on chaotic maps. Commun. Nonlinear Sci. Numer. Simul.
**17**(7), 2969–2977 (2012)MathSciNetzbMATHGoogle Scholar - 9.Jabbari, A., Bagherzadeh, J.: A revised key agreement protocol based on chaotic maps. Nonlinear Dyn.
**78**, 669–680 (2014). https://doi.org/10.1007/s11071-014-1467-1 MathSciNetzbMATHGoogle Scholar - 10.Farash, M.S., Attari, M.A.: Cryptanalysis and improvement of a chaotic map-based key agreement protocol using Chebyshev sequence membership testing. Nonlinear Dyn.
**76**(2), 1203–1213 (2014)MathSciNetzbMATHGoogle Scholar - 11.Lee, C.C., Lou, D.C., Li, C.T., Hsu, C.W.: An extended chaotic-maps-based protocol with key agreement for multiserver environments. Nonlinear Dyn.
**76**(1), 853–866 (2014)MathSciNetzbMATHGoogle Scholar - 12.Xiao, D., Liao, X., Deng, S.: A novel key agreement protocol based on chaotic maps. Inf. Sci.
**177**(4), 1136–1142 (2007)MathSciNetGoogle Scholar - 13.Islam, S.H.: Provably secure dynamic identity-based threefactor password authentication scheme using extended chaotic maps. Nonlinear Dyn.
**78**, 2261–2276 (2014)Google Scholar - 14.Gong, P., Li, P., Shi, W.: A secure chaotic maps-based key agreement protocol without using smart cards. Nonlinear Dyn.
**70**(4), 2401–2406 (2012)MathSciNetGoogle Scholar - 15.Han, S., Chang, E.: Chaotic map based key agreement with/out clock synchronization. Chaos Solitons Fractals
**39**(3), 1283–1289 (2009)MathSciNetzbMATHGoogle Scholar - 16.Tan, Z.: A chaotic maps-based authenticated key agreement protocol with strong anonymity. Nonlinear Dyn.
**72**(12), 311–320 (2013)MathSciNetzbMATHGoogle Scholar - 17.Hang, T., Kumar, N., He, D., Kim, J., Lee, C.: An efficient password-based three-party authenticated multiple key exchange protocol for wireless mobile networks. J Supercomput.
**70**(1), 224–235 (2014). https://doi.org/10.1007/s11227-014-1198-6 Google Scholar - 18.Xie, Q., Hu, B., Wu, T.: Improvement of a chaotic maps-based three-party password-authenticated key exchange protocol without using server’s public key and smart card. Nonlinear Dyn.
**79**(4), 2345–2358 (2015)MathSciNetzbMATHGoogle Scholar - 19.Wang, X., Zhao, J.: An improved key agreement protocol based on chaos. Commun. Nonlinear Sci. Numer. Simul.
**15**(12), 4052–4057 (2010)MathSciNetzbMATHGoogle Scholar - 20.Yoon, E., Jeon, I.: An efficient and secure DiffieHellman key agreement protocol based on Chebyshev chaotic map. Commun. Nonlinear Sci. Numer. Simul.
**16**(6), 2383–2389 (2011)MathSciNetzbMATHGoogle Scholar - 21.Xie, Q., Zhao, J., Yu, X.: Chaotic maps-based three-party password-authenticated key agreement scheme. Nonlinear Dyn.
**74**(4), 1021–1027 (2013)MathSciNetzbMATHGoogle Scholar - 22.Lai, H., Orgun, M.A., Xiao, J.H., Pieprzyk, J., Xue, L.Y., Yang, Y.X.: Provably secure three-party key agreement protocol using Chebyshev chaotic maps in the standard model. Nonlinear Dyn.
**77**(4), 1427–1439 (2014)MathSciNetzbMATHGoogle Scholar - 23.Lee, T.-F.: Verifier-based three-party authentication schemes using extended chaotic maps for data exchange in telecare medicine information systems. Comput. Methods Program Biomed.
**117**(3), 464–472 (2014)Google Scholar - 24.Lee, T.-F.: Efficient three-party authenticated key agreements based on Chebyshev chaotic map-based DiffieHellman assumption. Nonlinear Dyn.
**81**(4), 2071–2078 (2015)Google Scholar - 25.Lee, T.-F., Lin, C.-Y., Lin, C.-L., Hwang, T.: Provably secure extended chaotic map-based three-party key agreement protocols using password authentication. Nonlinear Dyn.
**82**(1), 29–38 (2015)MathSciNetzbMATHGoogle Scholar - 26.Farash, M.S., Attari, M.A.: An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps. Nonlinear Dyn.
**77**(12), 399–411 (2014)MathSciNetzbMATHGoogle Scholar - 27.Lai, H., Xiao, J., Li, L., Yang, Y.: Applying semigroup property of enhanced Chebyshev polynomials to anonymous authentication protocol. Math. Probl. Eng. (2012). https://doi.org/10.1155/2012/454823
- 28.Zhao, F., Gong, P., Li, S., Li, M., Li, P.: Cryptanalysis and improvement of a three-party key agreement protocol using enhanced Chebyshev polynomials. Nonlinear Dyn.
**74**(12), 419–427 (2013)MathSciNetzbMATHGoogle Scholar - 29.Lee, C., Li, C., Hsu, C.: A three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps. Nonlinear Dyn.
**73**(12), 125–132 (2013)MathSciNetzbMATHGoogle Scholar - 30.Hu, X., Zhang, Z.F.: Cryptanalysis and enhancement of a chaotic maps-based three-party password authenticated key exchange protocol. Nonlinear Dyn.
**78**, 1293–1300 (2014). https://doi.org/10.1007/s11071-014-1515-x zbMATHGoogle Scholar - 31.Xie, Q., Hu, B., Dong, N., Wong, D.S.: Anonymous threeparty password-authenticated key exchange scheme for telecare medical information systems. PLoS ONE
**9**(7), e102747 (2014). https://doi.org/10.1371/journal.pone.0102747 Google Scholar - 32.Irshad, A., Sher, M., Chaudhary, S.A., Naqvi, H., Farash, M.S.: An efficient and anonymous multi-server authenticated key agreement based on chaotic map without engaging Registration Centre. J. Supercomput.
**72**(4), 1623–1644 (2016). https://doi.org/10.1007/s11227-016-1688-9 Google Scholar - 33.Lee, C.-C., Li, C.-T., Chiu, S.-T., Lai, Y.-M.: A new threeparty-authenticated key agreement scheme based on chaotic maps without password table. Nonlinear Dyn.
**79**(4), 2485–2495 (2015)zbMATHGoogle Scholar - 34.Xie, Q., Zhao, J., Yu, X.: Chaotic maps-based three-party password-authenticated key agreement scheme. Nonlinear Dyn.
**74**(4), 1021–1027 (2013)MathSciNetzbMATHGoogle Scholar - 35.Qi, X., Bin, H., Ke-Fei, C., Wen-Hao, L., Xiao, T.: Chaotic maps and biometrics based anonymous three-party authenticated key exchange protocol without using passwords. Chin. Phys. B.
**24**(11), 110–505 (2015)Google Scholar - 36.Ge, X., Lu, B., Liu, F., Luo, X.: Cryptanalyzing an image encryption algorithm with compound chaotic stream cipher based on perturbation. Nonlinear Dyn.
**90**(2), 1141–1150 (2017)MathSciNetzbMATHGoogle Scholar - 37.Akgul, A., Kacar, S., Aricioglu, B.: A new two-level data hiding algorithm for high security based on a nonlinear system. Nonlinear Dyn.
**90**(2), 1123–1140 (2017)MathSciNetGoogle Scholar - 38.Vaseghi, B., Pourmina, M.A., Mobayen, S.: Secure communication in wireless sensor networks based on chaos synchronization using adaptive sliding mode control. Nonlinear Dyn.
**89**(3), 1689–1704 (2017)MathSciNetzbMATHGoogle Scholar - 39.Zhang, L.: Cryptanalysis of the public key encryption based on multiple chaotic systems. Chaos Solitons Fractals
**37**(3), 669–674 (2008)MathSciNetzbMATHGoogle Scholar - 40.He, D., Chen, Y., Chen, J.: Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol. Nonlinear Dyn.
**69**(3), 1149–1157 (2012)MathSciNetzbMATHGoogle Scholar