Anonymous group key agreement protocol for multi-server and mobile environments based on Chebyshev chaotic maps

Abstract

A group key agreement protocol can establish a secret key shared among some participants for secure group-oriented applications. Many authenticated group key agreement protocols are proposed, but some of them cannot provide user anonymity. Xiao et al. (Inf Sci 177:1136–1142, 2007) proposed an improved key agreement protocol based on chaotic maps with only a predetermined long-term key to ensure security. Guo and Zhang (Inf Sci 180:4069–4074, 2010) proposed a group key agreement protocol based on chaotic hash function, but Yoon et al. recently pointed out that Guo et al.’s protocol is vulnerable to off-line password guessing attack, stolen-verifier attack, and reflection attack. In this paper, we will propose an authenticated group key agreement protocol with user anonymity based on Chebyshev chaotic maps to resist above pointed out attacks and achieve the following properties with better performance: (i) It is suitable for multi-server and mobile environments; (ii) it achieves contributory group key agreement with user authentication; (iii) it provides mutual authentication, explicit key authentication, key confirmation, forward secrecy, and group key updating; (iv) user anonymity can simultaneously be preserved in the group key agreement procedure, which implies that identities of all participants are anonymously to outsiders; (iv) no public key certificates are used, which implies that authenticity of public keys are implicitly verified; (vi) it can also resist password guessing and stolen-verifier attacks.