Improvement in new three-party-authenticated key agreement scheme based on chaotic maps without password table
0103 physical sciences
0202 electrical engineering, electronic engineering, information engineering
02 engineering and technology
01 natural sciences
DOI:
10.1007/s11071-018-04748-y
Publication Date:
2019-01-14T07:02:39Z
AUTHORS (2)
ABSTRACT
A three-party-authenticated key agreement (3PAKA) scheme allows two participants to establish shared secure session key (3SK) via trusted server over a public network. Recently, Lee et al. (Nonlinear Dyn 79(4):2485–2495, 2015) proposed a new 3PAKA protocol based on chaotic maps without password table. They claimed that the proposed scheme can establish a common session key among two users with security and users anonymity. Unfortunately, Lee et al.’s scheme is vulnerable to impersonation attack when the adversary is an internal user. Furthermore, in this paper, we will prove that Lee et al.’s scheme cannot guarantee user anonymity. To exhibit these flaws, we apply an automatic protocol verifier tool, Proverif. Therefore, we have put forward some improvements to overcome the weaknesses of Lee et al.’s protocol. We apply Proverif to show that the proposed improvement can satisfy security and authentication properties. The performance analysis shows that the proposed enhancement is efficient.
SUPPLEMENTAL MATERIAL
Coming soon ....
REFERENCES (40)
CITATIONS (19)
EXTERNAL LINKS
PlumX Metrics
RECOMMENDATIONS
FAIR ASSESSMENT
Coming soon ....
JUPYTER LAB
Coming soon ....