Efficient and Secure Three-Factor User Authentication and Key Agreement Using Chaotic Maps

Abstract

User authentication and key agreement are essential for implementing secure wireless communication, especially in mobile devices. Many authentication and key agreement schemes are based on both the smart card and the password. Unfortunately, most of these schemes are vulnerable, such as password guessing attack and smart card loss attack. Recently, Han et al. proposed a three-factor key agreement and authentication scheme by using fuzzy extractor and chaotic maps. However, it is proved that Han et al.’s scheme can not protect user anonymity and involves some redundant operations. To address the security defects, we proposed an improved user authentication and key agreement scheme. Although our scheme incurs slightly delay than others, it can resist various attacks. Moreover, our scheme is efficient for practical application deployments compared with other previously proposed user authentication schemes.