Premium
Cryptanalysis and improvement of a three‐party password‐based authenticated key exchange protocol with user anonymity using extended chaotic maps
Author(s) -
Farash Mohammad Sabzinejad,
Attari Mahmoud Ahmadian,
Kumari Saru
Publication year - 2014
Publication title -
international journal of communication systems
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.344
H-Index - 49
eISSN - 1099-1131
pISSN - 1074-5351
DOI - 10.1002/dac.2912
Subject(s) - computer science , authenticated key exchange , password , oakley protocol , session key , cryptanalysis , computer security , key exchange , key agreement protocol , cryptographic nonce , computer network , anonymity , key (lock) , zero knowledge password proof , smart card , cryptography , public key cryptography , authentication protocol , key distribution , encryption , challenge–response authentication
Summary Three‐party password‐authenticated key exchange (3PAKE) protocols allow two clients to agree on a secret session key through a server via a public channel. 3PAKE protocols have been designed using different arithmetic aspects including chaotic maps. Recently, Lee et al. proposed a 3PAKE protocol using Chebyshev chaotic maps and claimed that their protocol has low computation and communication cost and can also resist against numerous attacks. However, this paper shows that in spite of the computation and communication efficiency of the Lee et al. protocol, it is not secure against the modification attack. To conquer this security weakness, we propose a simple countermeasure, which maintains the computation and communication efficiency of the Lee et al. protocol. Copyright © 2014 John Wiley & Sons, Ltd.