An extended chaotic maps based authenticated key agreement protocol without using password

Abstract

Chaotic maps have been used in the design of cryptosystem due to its excellent properties. Recently, researchers have proposed many authenticated key agreement protocols based on the chaotic maps. However, most of those protocols use the password to achieve the key agreement, and it will lead some security problems. First, the server has to store a sensitive verification table, and it is dangerous if the server has been compromised or the verification table was stolen. Besides, the low entropy passwords are vulnerable to some password related attacks, such as insider attack and password guessing attack. To resolve the aforementioned problems, this paper propose an extended chaotic maps based authenticated key agreement protocol without using password, where the server just needs to maintain a master secret key and the user just needs to hold a secret key, then they can achieve the key agreement. Compared with other related protocols, the proposed protocol not only keeps the efficiency, but also enhances the security. So, it is more suitable for client/server environment.