Journal of Computer Applications ›› 2018, Vol. 38 ›› Issue (10): 2940-2944.DOI: 10.11772/j.issn.1001-9081.2018030642

Previous Articles     Next Articles

Multi-factor authentication key agreement scheme based on chaotic mapping

WANG Songwei, CHEN Jianhua   

  1. School of Mathematics and Statistics, Wuhan University, Wuhan Hubei 430072, China
  • Received:2018-03-29 Revised:2018-05-02 Online:2018-10-10 Published:2018-10-13


王松伟, 陈建华   

  1. 武汉大学 数学与统计学院, 武汉 430072
  • 通讯作者: 王松伟
  • 作者简介:王松伟(1989-),男,河南周口人,硕士研究生,主要研究方向:密码、信息安全;陈建华(1963-),男,湖北武汉人,教授,博士,主要研究方向:密码、信息安全、椭圆曲线。

Abstract: In the open network environment, identity authentication is an important means to ensure information security. Aiming at the authentication protocol proposed by Li, et al (LI X, WU F, KHAN M K, et al. A secure chaotic map-based remote authentication scheme for telecare medicine information systems. Future Generation Computer Systems, 2017, 84:149-159.), some security defects were pointed out, such as user impersonation attacks and denial service attacks. In order to overcome those vulnerabilities, a new protocol scheme with multi-factor was proposed. In this protocol, extended chaotic mapping was adopted, dynamic identity was used to protect user anonymity, and three-way handshake was used to achieve asynchronous authentication. Security analysis result shows that the new protocol can resist impersonation attacks and denial service attacks and protect user anonymity and unique identity.

Key words: chaotic mapping, three-factor, authentication, key agreement, user anonymity, impersonation attack

摘要: 在开放的网络环境中,身份认证是确保信息安全的一种重要手段。针对Li等(LI X,WU F,KHAN M K,et al.A secure chaotic map-based remote authentication scheme for telecare medicine information systems.Future Generation Computer Systems,2017,84:149-159.)提出的身份认证协议,指出其容易遭受用户冒充攻击、拒绝服务攻击等缺陷,并提出一个新的多因子认证协议来修复以上安全漏洞。该协议使用了扩展混沌映射,采用动态身份保护用户匿名性,并利用三次握手技术实现异步认证。安全性分析结果表明,所提协议可以抵抗冒充攻击、拒绝服务攻击,能够保护用户匿名性和身份唯一性。

关键词: 混沌映射, 三因子, 认证, 密钥协商, 用户匿名性, 冒充攻击

CLC Number: