Abstract
Three-party authentication key exchange (3PAKE) is a protocol that allows two users to set up a common session key with the help of a trusted remote server, which is effective for secret communication between clients in a large-scale network environment. Since chaotic maps have superior characteristics, researchers have recently presented some of the studies that apply it to authentication key exchange and cryptography. Providing user anonymity in the authentication key exchange is one of the important security requirements to protect users' personal secrets. We analyse Lu et al.'s scheme which attempts to provide user anonymity and we prove that his scheme has errors in the key exchange phase and password change phase. We propose a round-effective three-party authentication key exchange (3PAKE) protocol that provides user anonymity and we analyse its security properties based on BAN logic and AVISPA tool.
Highlights
Along with the rapid development of the information technology and computer network, user authentication plays an important role in protecting resources, service and user’s personal information in the computer network
In 2016, Kumari et al.[46] proposed mutual authentication and key agreement scheme for wireless sensor networks using Chebyshev chaotic maps, in which they described different chaotic maps that could be used in digital authentication and discussed a design methodology to present a robust authentication and key agreement for wireless sensor networks, and proposed a new authentication scheme for wireless sensor networks which provides user anonymity
In 2014, Xie et al [23] proposed a 3PAKE protocol based on Elliptic Curve Cryptosystem (ECC) and the server public key, which provides user anonymity
Summary
Along with the rapid development of the information technology and computer network, user authentication plays an important role in protecting resources, service and user’s personal information in the computer network. The authentication key exchange protocol is one of the important mechanisms of network security aimed at setting a session key for secret communication between users via an open network. The authentication key exchange protocol is keys exchange for the secret communication based on authentication between the communicating parties in essence. The authentication key exchange protocol can be classified into Two-Party Authentication Key Exchange (2PAKE), Three-Party Authentication Key Exchange (3PAKE), and Multi-Party Authentication Key Exchange (MPAKE) depending on the number of participating in the key exchange. The key point of the 3PAKE protocol is that it does not need to remember various passwords for each user, and can establish secret communication between users with the help of a trusted remote server
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
