Abstract
In distributed networks, anonymous user authentication is crucial to enable authorized access and guard privacy. Recently, Lin proposed a chaotic map-based anonymous mobile user authentication scheme. In this paper, we analyze the security of Lin’s scheme and identify that the scheme is vulnerable to impersonation attack and server masquerading attack. We then devise an improved chaotic map-based authentication scheme to assure reliability and security. Compared with the related chaotic map-based authentication schemes, our protocol employs an innovative solution which rectifies the security flaws caused by the inherent defect of Chebyshev chaotic map-based public key systems. Furthermore, BAN-logic is put forward to certify the validity of our proposal. The security and performance analysis also shows that our scheme provides stronger security and better scalability than previous related schemes.
Similar content being viewed by others
References
Das, M., Saxena, A., & Gulati, V. (2004). A dynamic ID-based remote user authentication scheme. IEEE Trans on Consumer Electronics, 50(2), 665–667.
Khan, M., Kim, S., & Alghathbar, K. (2011). Cryptanalysis and security enhancement of a ‘more efficient & secure dynamic ID-based remote user authentication scheme’. Computer Communications, 34(3), 305–309.
Wen, F., Susilo, W., & Yang, G. (2013). A secure and effective anonymous user authentication scheme for roaming service in global mobility networks. Wireless Personal Communications, 73(3), 993–1004.
Guo, D., & Wen, F. (2014). Analysis and improvement of a robust smart card based-authentication scheme for multi-server architecture. Wireless Personal Communications, 78(1), 475–490.
Li, X., Wen, Q., Zhang, H., & Jin, Z. (2013). An improved authentication with key agreement scheme on elliptic curve cryptosystem for global mobility networks. International Journal of Network Management, 23(5), 311–324.
Wen, F., & Guo, D. (2014). An improved anonymous authentication scheme for telecare medical information systems. Journal of Medical Systems,. doi:10.1007/s10916-014-0026-0.
Baptista, M. S. (1998). Cryptography with chaos. Physics Letters A, 240(1–2), 50–54.
Kocarev, L. (2001). Chaos-based cryptography: A brief overview. IEEE Circuits and Systems Magazine, 1(3), 6–21.
Bergamo, P., D’Arco, P., Santis, A., & Kocarev, L. (2005). Security of public-key cryptosystems based on Chebyshev polynomials. IEEE Transactions on Circuits and Systems I, 52(7), 1382–1393.
He, D., Chen, Y., & Chen, J. (2012). Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol. Nonlinear Dynamics, 69(3), 1149–1157.
Niu, Y., & Wang, X. (2011). An anonymous key agreement protocol based on chaotic maps. Communications in Nonlinear Science and Numerical Simulation, 16(4), 1986–1992.
Tan, Z. (2013). A chaotic maps-based authenticated key agreement protocol with strong anonymity. Nonlinear Dynamics, 72(1–2), 311–320.
Lee, C., Chen, C., Wu, C., & Huang, S. (2012). An extended chaotic maps-based key agreement protocol with user anonymity. Nonlinear Dynamics., 69(1–2), 79–87.
Xiao, D., Liao, X., & Deng, S. (2007). A novel key agreement protocol based on chaotic maps. Information Sciences, 177(4), 1136–1142.
Xue, K., & Hong, P. (2012). Security improvement on an anonymious key agreement protocol based on chaotic maps. Communications in Nonlinear Science and Numerical Simulation, 17(7), 2969–2977.
Li, T., Lee, C., & Weng, C. (2014). A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems. Journal of Medical Systems,. doi:10.1007/s10916-014-0077-2.
Chang, C., & Sun, c. (2014). A secure and efficient authentication scheme for E-coupon systems. Wireless Personal Communications, 77(4), 2981–2996.
Fan, C., Sun, W., & Huang, V. (2010). Provably secure randomized blind signature scheme based on bilinear pairing. Computers & Mathematics with Applications, 60, 285–293.
Koblitz, N., Menezes, A., & Vanstone, S. (2000). The state of elliptic curve cryptography. In Towards a quarter-century of public key cryptography (pp. 103–123). US: Springer.
Lin, Y. (2014). Chaotic map based mobile dynamic ID authenticaed key agreement scheme. Wireless Personal Communications. doi:10.1007/s11277-014-1829-5.
Charvet, X., & Pelletier, H. (2005). Improving the DPA attack using Wavelet transform. In NIST Physical Security Testing Workshop, (Vol. 46).
Jasper G. J. van Woudenberg, J., Witteman, M., & Bakker, B. (2011). Improving differential power analysis by elastic alignment. In Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011, (pp. 104–119).
Burrows, M., Abadi, M., & Needham, R. (1990). A logic of authentication. ACM Transactions on Computer Systems, 8(1), 18–36.
Acknowledgments
The authors are grateful to the editor and anonymous reviewers for their valuable suggestions. This work is supported by NSFC (Grant Nos. 61300181, 61202434), the Fundamental Research Funds for the Central Universities (Grant No. 2015RC23).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Guo, D., Wen, Q., Li, W. et al. Analysis and Improvement of ‘Chaotic Map Based Mobile Dynamic ID Authenticated Key Agreement Scheme’. Wireless Pers Commun 83, 35–48 (2015). https://doi.org/10.1007/s11277-015-2378-2
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-015-2378-2