有效的基于混沌映射的三方认证密钥协商协议

doi:10.11959/j.issn.2096-109x.2016.00060

网络与信息安全学报 ›› 2016, Vol. 2 ›› Issue (6): 13-21.doi: 10.11959/j.issn.2096-109x.2016.00060

有效的基于混沌映射的三方认证密钥协商协议

李雄¹(),吴凡²,廖俊国¹,刘玉珍¹

¹ 湖南科技大学计算机科学与工程学院，湖南湘潭411201
² 厦门工学院计算机科学与工程系，福建厦门361021

修回日期:2016-06-03 出版日期:2016-06-15 发布日期:2020-03-26
作者简介:李雄（1984-），男，土家族，湖南张家界人，博士，湖南科技大学副教授、硕士生导师，主要研究方向为信息安全和密码学。|吴凡（1981-），男，山东济宁人，厦门理工学院讲师，主要研究方向为信息安全和网络协议。|廖俊国（1972-），男，湖南衡阳人，博士，湖南科技大学教授、硕士生导师，主要研究方向为网络与信息安全。|刘玉珍（1979-），男，山东单县人，博士，湖南科技大学讲师，主要研究方向为密码学、智能计算。
基金资助:
国家自然科学基金资助项目(61300220);湖南省教育厅一般基金资助项目(15C0545);福建省高校杰出青年科研人才培育基金资助项目;福建省中青年教师教育科研基金资助项目(JA14369)

Efficient three-party authenticated key agreement protocol based on chaotic map

Xiong LI¹(),Fan WU²,Jun-guo LIAO¹,Yu-zhen LIU¹

¹ School of Computer Science and Engineering,Hunan University of Science and Technology,Xiangtan 411201,China
² Department of Computer Science and Engineering,Xiamen Institute of Technology,Xiamen 361021,China

Revised:2016-06-03 Online:2016-06-15 Published:2020-03-26
Supported by:
The National Natural Science Foundation of China(61300220);Scientific Research Foundation of Hu-nan Provincial Education Department(15C0545);University Distinguished Young Research Talent Training Program of Fujian Province;The Education Scientific Research Project for Young Teachers of Fujian(JA14369)

摘要/Abstract

摘要：

由于良好的密码特性，混沌映射被用于设计密钥协商协议。在多数基于混沌映射的口令三方密钥协商协议中，服务器需存储用户口令表，使这些协议容易遭受口令相关的攻击，且一旦口令表泄露，将带来巨大的安全隐患。针对这些安全问题，提出了一个新的基于混沌映射口令三方认证密钥协商协议，服务器无需维护用户口令表，避免了口令相关的攻击。同其他相关协议相比，所提协议在增强安全性的同时，大大提高了协议的执行效率。

关键词: 混沌映射, 密钥协商, 认证, 口令

Abstract:

Chaotic map has been used in the design of key agreement protocol due to its excellent properties.In most of password three-party authenticated key agreement protocol based on chaotic map,the server needs to store a sensitive password table.It makes these protocols vulnerable to some password related attacks.Besides,it would be dangerous if the password table was leaked.To resolve the aforementioned problems,a new password three-party authenticated key agreement protocol based on chaotic maps was proposed.The server didn't need to maintain a password table,so the proposed scheme was free from password related attack.Compared with other related proto-cols,the proposed protocol not only enhances the security,but also improves the efficiency greatly.

Key words: chaotic maps, key agreement, authentication, password

中图分类号:

TP 309

李雄,吴凡,廖俊国,刘玉珍. 有效的基于混沌映射的三方认证密钥协商协议[J]. 网络与信息安全学报, 2016, 2(6): 13-21.

Xiong LI,Fan WU,Jun-guo LIAO,Yu-zhen LIU. Efficient three-party authenticated key agreement protocol based on chaotic map[J]. Chinese Journal of Network and Information Security, 2016, 2(6): 13-21.

图/表 5

表1

图1

表2

表3

表4

参考文献 26

[1]	KATZ J , OSTROVSKY R , YUNG M . Efficient pass-word-authenticated key exchange using human-memorable pass-words[J]. Lecture Notes in Computer Science, 2001(4):475-494.
[2]	RAIMONDO M D , GENNARO R . Provably secure threshold password-authenticated key exchange[J]. Journal of Computer and System Sciences, 2006,72 (9):507-523.
[3]	GUO C , CHANG C C . Chaotic maps-based password-authenticated key agreement using smart cards[J]. Communications in Nonlinear Science and Numerical Simulation, 2013,18 (6):1433-1440.
[4]	LEE C C , CHEN C L , WU C Y , et al. An extended chaotic maps-based key agreement protocol with user anonymity[J]. Nonlinear Dynamics, 2012,69 (1/2):79-87.
[5]	LI C T , LEE C C , WENG C Y . An extended chaotic maps based user authentication and privacy preserving scheme against DoS at-tacks in pervasive and ubiquitous computing environments[J]. Nonlinear Dynamics, 2013,74 (4):1133-1143.
[6]	LI X , ZHANG Y . A simple and robust anonymous two-factor au-thenticated key exchange protocol[J]. Security and Communication Networks, 2013,6 (6):711-722.
[7]	TAN Z . A chaotic maps-based authenticated key agreement proto-col with strong anonymity[J]. Nonlinear Dynamics, 2013,72 (1/2):311-320.
[8]	WU F , XU L L . Security analysis and improvement of a privacy authentication scheme for telecare medical information systems[J]. Journal of Medical Systems, 2012,37 (4):1-9.
[9]	LAI H , XIAO J , LI L , et al. Applying semigroup property of en-hanced chebyshev polynomials to anonymous authentication protocol[J]. Mathematical Problems in Engineering, 2012(6):589-597.
[10]	LEE C C , LI C T , HSU C W . A three-party password-based authen-ticated key exchange protocol with user anonymity using extended chaotic maps[J]. Nonlinear Dynamics, 2013,73 (1/2):125-132.
[11]	LIN H Y . Chaotic map-based three-party authenticated key agree-ment[J]. Security and Communication Networks, 2014,7 (12):2469-2474.
[12]	LV C , MA M , LI H , et al. An novel three-party authenticated key exchange protocol using one-time key[J]. Journal of Network and Computer Applications, 2013,36 (1):498-503.
[13]	TSAI H C , CHANG C C . Provably secure three party encrypted key exchange scheme with explicit authentication[J]. Information Sciences, 2013,238 (7):242-249.
[14]	WANG X , ZHAO J . An improved key agreement protocol based on chaos[J]. Communications in Nonlinear Science and Numerical Simulation, 2010,15 (12):4052-4057.
[15]	WU S , CHEN K , PU Q , et al. Cryptanalysis and enhancements of efficient three-party password-based key exchange scheme[J]. In-ternational Journal of Communication Systems, 2013,26 (5):674-686.
[16]	XIE Q , ZHAO J , YU X . Chaotic maps-based three-party pass-word-authenticated key agreement scheme[J]. Nonlinear Dynamics, 2013,74 (4):1021-1027.
[17]	YANG J H , CAO T J . Provably secure three-party password au-thenticated key exchange protocol in the standard model[J]. Journal of Systems and Software, 2012,85 (2):340-350.
[18]	YOON E J , JEON I S . An efficient and secure diffie-hellman key agreement protocol based on chebyshev chaotic map[J]. Commu-nications in Nonlinear Science and Numerical Simulation, 2011,16 (6):2383-2389.
[19]	ZHAO F , GONG P , LI S , et al. Cryptanalysis and improvement of a three-party key agreement protocol using enhanced chebyshev polynomials[J]. Nonlinear Dynamics, 2013,74 (1/2):419-427.
[20]	ZHAO J J , GU D W . Provably secure three-party password based authenticated key exchange protocol[J]. Information Sciences, 2012,184 (1):310-323.
[21]	ZHANG L . Cryptanalysis of the public key encryption based on multiple chaotic systems[J]. Chaos Solitons ＆ Fractals, 2008,37 (3):669-674.
[22]	MANGARD S , OSWALD E , STANDAERT F X . One for all-all for one:unifying standard differential power analysis attacks[J]. IET Information Security, 2011,5 (2):100-110.
[23]	MESSERGES T S , DABBISH E A , SLOAN RH . Examining smart-card security under the threat of power analysis attacks[J]. IEEE Transactions on Computers, 2002,51 (5):541-552.
[24]	KUMARI S , KHAN M K . Cryptanalysis and improvement of ‘a robust smart-card-based remote user password authentication scheme'[J]. International Journal of Communication Systems, 2014,27 (12):3939-3955.
[25]	WANG D , MA C G , WANG P , et al. Robust smart card based password authentication scheme against smart card security breach[R]. Cryptology ePrint Archive, 2012.
[26]	KOCAREV L , LIAN S G . Chaos-based cryptography:theory,algorithms and applications[M]. Berlin: Springer, 2011.

符号	说明
U_A,U_B	用户A和B
S	远程服务器
ID_A,ID_B	U_A和U_B的身份标识
PW_A,PW_B	U_A和U_B的口令
x	服务器的主密钥
s	一个取自(?∞,+∞)的随机整数
a_A,a_B,r_A,r_B,b_A,b_B	随机数
h(·)	单项散列函数
sk_AB(sk_BA)	由A(B)生成的会话密钥
E_k(·)/D_k(·)	密钥k控制下的对称加密/解密算法
?	一个安全信道
→	一个不安全信道
⊕	异或运算符

安全性分析	文献[10]	文献[16]	文献[9]	文献[19]	文献[11]	本文协议
内部攻击	×	×	×	√	×	√
离线口令猜测攻击	√	√	×	√	√	√
模仿攻击	√	√	N/A	√	√	√
服务器伪装攻击	N/A	N/A	N/A	√	N/A	√
重放攻击	√	√	√	√	√	√
用户匿名	√	×	√	√	√	√
相互认证	√	√	√	×	√	√
自由选择口令	×	×	√	√	√	√
自由变更口令	×	×	×	√	×	√
前向安全	√	√	√	√	√	√
已知密钥安全	√	√	√	√	√	√

符号	说明	时间消耗/ms
TC	执行一次切比雪夫多项式的时间	140.745
TS	执行一次加密/解密的时间	0.168
TH	执行一次散列函数的时间	0.000 8

时间消耗量/ms	文献[10]	文献[16]	文献[9]	文献[19]	文献[11]	本文协议
A	3TC+3TH (422.237 4)	3TC+2TS+5TH (422.575)	3TC+6TH (422.239 8)	3TC+TS+5TH (422.407)	2TC+2TS+6TH (281.994 8)	2TC+8TH (281.496 4)
B	3TC+4TH (422.238 2)	3TC+2TS+5TH (422.575)	3TC+6TH (422.407)	3TC+TS+5TH (422.407)	2TC+3TS+TH (281.994 8)	2TC+8TH (281.496 4)
S	2TC+5TH (281.494)	2TC+4TS+4TH (282.165 2)	2TC+2TS+6TH (281.830 8)	2TC+2TS+6TH (281.830 8)	2TC+2TS (281.826)	8TH (0.006 4)
总和	8TC+12TH (1 125.969 6)	8TC+8TS+14TH (1 127.315 2)	8TC+2TS+18TH (1 126.644 8)	8TC+4TS+16TH (1 126.644 8)	6TC+8TS+2TH (845.815 6)	4TC+24TH (562.999 2)

有效的基于混沌映射的三方认证密钥协商协议

Efficient three-party authenticated key agreement protocol based on chaotic map

在线阅读

pdf下载

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 5

参考文献 26

相关文章 15

Metrics

推荐阅读 0

[1]	朱春陶, 尹承禧, 张博林, 殷琪林, 卢伟. 基于多域时序特征挖掘的伪造人脸检测方法[J]. 网络与信息安全学报, 2023, 9(3): 123-134.
[2]	曹进, 石小平, 马如慧, 李晖. 融合双层卫星网络的星地和星间AKA协议[J]. 网络与信息安全学报, 2023, 9(1): 18-31.
[3]	郭辉, 罗勇, 郭晓潞. 基于国密算法的车载以太网控制器身份认证方法[J]. 网络与信息安全学报, 2022, 8(6): 20-28.
[4]	刘军, 袁霖, 冯志尚. 集群网络密钥管理方案研究综述[J]. 网络与信息安全学报, 2022, 8(6): 52-69.
[5]	肖敏, 姚涛, 刘媛妮, 黄永洪. 具有隐私保护的动态高效车载云管理方案[J]. 网络与信息安全学报, 2022, 8(6): 70-83.
[6]	姜奇, 冯茹, 张瑞杰, 王金花, 陈婷, 魏福山. 基于GRU的智能手机多场景步态认证[J]. 网络与信息安全学报, 2022, 8(5): 26-39.
[7]	易聪, 胡军. 新的基于鼠标行为的持续身份认证方法[J]. 网络与信息安全学报, 2022, 8(5): 179-188.
[8]	陈立全, 李潇, 杨哲懿, 钱思杰. 基于区块链的高透明度PKI认证协议[J]. 网络与信息安全学报, 2022, 8(4): 1-11.
[9]	牛建林, 任志宇, 杜学绘. 基于联盟链的跨域认证方案[J]. 网络与信息安全学报, 2022, 8(3): 123-133.
[10]	张伟成, 卫红权, 刘树新, 普黎明. 5G移动边缘计算场景下的快速切换认证方案[J]. 网络与信息安全学报, 2022, 8(3): 154-168.
[11]	徐子钧, 刘建伟, 李耕. 面向5G mMTC的网络切片安全研究[J]. 网络与信息安全学报, 2022, 8(1): 95-105.
[12]	邱洁, 韩瑞, 魏志丰, 王志洋. 网络空间公共基础设施体系及安全策略研究[J]. 网络与信息安全学报, 2021, 7(6): 56-67.
[13]	杨冠群, 刘荫, 徐浩, 邢宏伟, 张建辉, 李恩堂. 基于区块链的电网可信分布式身份认证系统[J]. 网络与信息安全学报, 2021, 7(6): 88-98.
[14]	宋永成, 黄欣沂, 伍玮, 陈海霞. 基于编码的数字签名综述[J]. 网络与信息安全学报, 2021, 7(4): 1-17.
[15]	叶岳洋, 张兴兰. Fabric中的匿名身份认证技术研究[J]. 网络与信息安全学报, 2021, 7(3): 134-140.