Abstract
Nicanfar and Leung proposed a multilayer consensus elliptic curve based password authenticated key-exchange (MCEPAK) protocol for smart grid. They claimed that their protocol is secure against possible attacks. In this paper, we show that the MCEPAK protocol is vulnerable to the dictionary attack and that an adversary can obtain the passwords of the appliances by eavesdropping on the messages communicated in the protocol. Moreover, we state that the passwords can be discovered by curious operators of the building area networks and the neighbor area networks. These weaknesses motivated us to introduce a chaotic maps based authenticated key exchange protocol for smart grid. To the best of our knowledge, a chaotic maps based key exchange protocol has not yet been devised for smart grid, and this paper fulfills that objective. In addition, we prove the security of the proposed protocol by a formal analysis.
References
Abdalla, M., & Pointcheval, D. (2005). Simple password-based encrypted key exchange protocols. In Topics in cryptology—CT-RSA 2005 (pp. 191–208). Springer.
Alvarez, G. (2005). Security problems with a chaos-based deniable authentication scheme. Chaos, Solitons and Fractals, 26(1), 7–11.
Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuéllar, J., et al. (2005). The AVISPA tool for the automated validation of internet security protocols and applications. In International conference on computer aided verification (pp. 281–285). Springer.
Bellare, M., & Rogaway, P. (2000). The AuthA protocol for password-based authenticated key exchange. Tech. rep., Citeseer.
Bellare, M., Pointcheval, D., & Rogaway, P. (2000). Authenticated key exchange secure against dictionary attacks. In Advances in cryptology, Eurocrypt 2000 (pp. 139–155). Springer.
Bellovin, S. M., & Merritt, M. (1992). Encrypted key exchange: Password-based protocols secure against dictionary attacks. In 1992 IEEE computer society symposium on research in security and privacy, 1992. Proceedings (pp. 72–84). IEEE.
Bellovin, S. M., & Merritt, M. (1993). Augmented encrypted key exchange: A password-based protocol secure against dictionary attacks and password file compromise. In Proceedings of the 1st ACM conference on computer and communications security (pp. 244–250). ACM.
Bresson, E., Chevassut, O., & Pointcheval, D. (2003). Security proofs for an efficient password-based key exchange. In Proceedings of the 10th ACM conference on computer and communications security (pp. 241–250). ACM.
Bresson, E., Chevassut, O., & Pointcheval, D. (2004). New security results on encrypted key exchange. In International workshop on public key cryptography (pp. 145–158). Springer.
Chen, T. H., Wang, B. J., Tu, T. Y., & Wang, C. H. (2013). A security-enhanced key agreement protocol based on chaotic maps. Security and Communication Networks, 6(1), 108–114.
Diffie, W., & Hellman, M. E. (1976). New directions in cryptography. IEEE Transactions on Information Theory, 22(6), 644–654.
Fouda, M. M., Fadlullah, Z. M., Kato, N., Lu, R., & Shen, X. (2011). Towards a light-weight message authentication mechanism tailored for smart grid communications. In 2011 IEEE conference on computer communications workshops (INFOCOM WKSHPS) (pp. 1018–1023). IEEE.
Gong, P., Li, P., & Shi, W. (2012). A secure chaotic maps-based key agreement protocol without using smart cards. Nonlinear Dynamics, 70(4), 2401–2406.
Guo, X., & Zhang, J. (2010). Secure group key agreement protocol based on chaotic hash. Information Sciences, 180(20), 4069–4074.
Han, S. (2008). Security of a key agreement protocol based on chaotic maps. Chaos, Solitons and Fractals, 38(3), 764–768.
Han, S., & Chang, E. (2009). Chaotic map based key agreement with/out clock synchronization. Chaos, Solitons and Fractals, 39(3), 1283–1289.
He, D., & Khan, M. K. (2013). Cryptanalysis of a key agreement protocol based on chaotic hash. International Journal of Electronic Security and Digital Forensics, 5(3–4), 172–177.
Jiang, Q., Wei, F., Fu, S., Ma, J., Li, G., & Alelaiwi, A. (2016). Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy. Nonlinear Dynamics, 83(4), 2085–2101.
Kanso, A., & Ghebleh, M. (2015). A structure-based chaotic hashing scheme. Nonlinear Dynamics, 81(1–2), 27–40.
Kaplan, D., & Glass, L. (2012). Understanding nonlinear dynamics. Berlin: Springer Science & Business Media.
Katz, J., Ostrovsky, R., & Yung, M. (2009). Efficient and secure authenticated key exchange using weak passwords. Journal of the ACM (JACM), 57(1), 3.
Kobara, K. (2002). Pretty-simple password-authenticated key-exchange protocol proven to be secure in the standard model. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 85(10), 2229–2237.
Kocarev, L. (2001). Chaos-based cryptography: A brief overview. IEEE Circuits and Systems Magazine, 1(3), 6–21.
Lee, T. F. (2015). Enhancing the security of password authenticated key agreement protocols based on chaotic maps. Information Sciences, 290, 63–71.
Lee, C. C., Chen, C. L., Wu, C. Y., & Huang, S. Y. (2012). An extended chaotic maps-based key agreement protocol with user anonymity. Nonlinear Dynamics, 69(1–2), 79–87.
Li, F., Luo, B., & Liu, P. (2010). Secure information aggregation for smart grids using homomorphic encryption. In 2010 1st IEEE international conference on smart grid communications (SmartGridComm) (pp. 327–332). IEEE.
Li, M., et al. (2010). Securing personal health records in cloud computing: Patient-centric and fine-grained data access control in multi-owner settings. In International conference on security and privacy in communication systems. Berlin, Heidelberg: Springer.
Li, Y., Ge, G., & Xia, D. (2016). Chaotic hash function based on the dynamic S-Box with variable parameters. Nonlinear Dynamics, 84(4), 2387–2402.
Liu, Y., & Xue, K. (2016). An improved secure and efficient password and chaos-based two-party key agreement protocol. Nonlinear Dynamics, 84(2), 549–557.
MacKenzie, P. (2002). The PAK suite: Protocols for password-authenticated key exchange. Contributions to IEEE P 1363:2.
Nicanfar, H., & Leung, V. C. (2013). Multilayer consensus ECC-based password authenticated key-exchange (MCEPAK) protocol for smart grid system. IEEE Transactions on Smart Grid, 4(1), 253–264.
Niu, Y., & Wang, X. (2011). An anonymous key agreement protocol based on chaotic maps. Communications in Nonlinear Science and Numerical Simulation, 16(4), 1986–1992.
Pande, A., & Zambreno, J. (2013). A chaotic encryption scheme for real-time embedded systems: Design and implementation. Telecommunication Systems, 52(2), 551–561.
Ruj, S., & Nayak, A. (2013). A decentralized security framework for data aggregation and access control in smart grids. IEEE Transactions on Smart Grid, 4(1), 196–205.
Teh, J. S., Samsudin, A., & Akhavan, A. (2015). Parallel chaotic hash function based on the shuffle–exchange network. Nonlinear Dynamics, 81(3), 1067–1079.
Tseng, H. R., Jan, R. H., & Yang, W. (2009). A chaotic maps-based key agreement protocol that preserves user anonymity. In 2009 IEEE international conference on communications (pp. 1–6). IEEE.
Wang, X. Y., & Gu, S. X. (2014). New chaotic encryption algorithm based on chaotic sequence and plain text. IET Information Security, 8(3), 213–216.
Wang, S., Wang, J., & Xu, M. (2004). Weaknesses of a password-authenticated key exchange protocol between clients with different passwords. In M. Jakobsson, M. Yung, J. Zhou (Eds.), Applied cryptography and network security (pp. 414–425). Berlin, Heidelberg: Springer.
Xiao, D., Liao, X., & Wong, K. (2005). An efficient entire chaos-based scheme for deniable authentication. Chaos, Solitons and Fractals, 23(4), 1327–1331.
Xiao, D., Liao, X., & Deng, S. (2007). A novel key agreement protocol based on chaotic maps. Information Sciences, 177(4), 1136–1142.
Xiao, D., Liao, X., & Deng, S. (2008). Using time-stamp to improve the security of a chaotic maps-based key agreement protocol. Information Sciences, 178(6), 1598–1602.
Xing-Yuan, W., & Da-Peng, L. (2013). A secure key agreement protocol based on chaotic maps. Chinese Physics B, 22(11), 110503.
Xue, K., & Hong, P. (2012). Security improvement on an anonymous key agreement protocol based on chaotic maps. Communications in Nonlinear Science and Numerical Simulation, 17(7), 2969–2977.
Yoon, E. J. (2012). Efficiency and security problems of anonymous key agreement protocol based on chaotic maps. Communications in Nonlinear Science and Numerical Simulation, 17(7), 2735–2740.
Zhang, L. (2008). Cryptanalysis of the public key encryption based on multiple chaotic systems. Chaos, Solitons and Fractals, 37(3), 669–674.
Zhu, H., Zhang, Y., Xia, Y., & Li, H. (2016). Password-authenticated key exchange scheme using chaotic maps towards a new architecture in standard model. International Journal of Network Security, 18(2), 326–334.
Cite this article
Bayat, M., Atashgah, M.B. & Aref, M.R. A Secure and Efficient Chaotic Maps Based Authenticated Key-Exchange Protocol for Smart Grid. Wireless Pers Commun 97, 2551–2579 (2017). https://doi.org/10.1007/s11277-017-4623-3
DOI: https://doi.org/10.1007/s11277-017-4623-3