Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy

Nonlinear Dynamics

Volumn 83, Issue 4, 2016, Pages 2085-2101

  Jiang, Qi ^a   Wei, Fushan ^a   Fu, Shuai ^a   Ma, Jianfeng ^a   Li, Guangsong ^b   Alelaiwi, Abdulhameed ^c  

^a XIDIAN UNIVERSITY   (China)

^b STATE KEY LABORATORY OF MATHEMATICAL ENGINEERING AND ADVANCED COMPUTING   (China)

^c KING SAUD UNIVERSITY   (Saudi Arabia)

Author keywords

Anonymity; Authentication; Biometrics; Chaotic map; Key agreement; Password; Privacy; Smart card

Indexed keywords

BIOMETRICS; CHAOTIC SYSTEMS; COMPUTATION THEORY; DATA PRIVACY; SMART CARDS; TRANSPORTATION;

ANONYMITY; CHAOTIC MAP; KEY AGREEMENT; MUTUAL AUTHENTICATION; OFFLINE PASSWORD GUESSING ATTACK; PASSWORD; PASSWORD VERIFICATIONS; USER IMPERSONATION ATTACKS;

AUTHENTICATION;

EID: 84958124876     PISSN: 0924090X     EISSN: 1573269X     Source Type: Journal    
DOI: 10.1007/s11071-015-2467-5     Document Type: Article

References (54)

1. Xia, Z., Wang, X., Sun, X., Wang, Q.: A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data. IEEE Trans. Parallel Distrib. Syst. (2015). doi:10.1109/TPDS.2015.2401003
2. Fu, Z., Sun, X., Liu, Q., Zhou, L., Shu, J.: Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE Trans. Commun. E98–B(1), 190–200 (2015)
3. Ren, Y., Shen, J., Wang, J., Han, J., Lee, S.: Mutual verifiable provable data auditing in public cloud storage. J. Internet Technol. 16(2), 317–323 (2015)
4. Guo, P., Wang, J., Li, B., Lee, S.: A variable threshold-value authentication architecture for wireless mesh networks. J. Internet Technol. 15(6), 929–936 (2014)
5. Zhao, D., Peng, H., Li, L., Yang, Y.: A secure and effective anonymous authentication scheme for roaming service in global mobility networks. Wirel. Pers. Commun. 78(1), 247–269 (2014)
6. Wang, D., He, D., Wang, P., Chu, C.-H.: Anonymous two-factor authentication in distributed systems: certain goals are beyond attainment. IEEE Trans. Depend. Secure Comput. 12(4), 428–442 (2015). doi:10.1109/TDSC.2014.2355850
7. Wang, D., Wang, N., Wang, P., Qing, S.: Preserving privacy for free: efficient and provably secure two-factor authentication scheme with user anonymity. Inf. Sci. 321, 162–178 (2015). doi:10.1016/j.ins.2015.03.070
8. O’Gorman, L.: Comparing passwords, tokens, and biometrics for user authentication. Proc. IEEE 91(12), 2021–2040 (2003)
9. Yu, J., Wang, G., Mu, Y., Gao, W.: An efficient and improved generic framework for three-factor authentication with provably secure instantiation. IEEE Trans. Inf. Forensics Secur. 9(12), 2302–2313 (2014). doi:10.1109/TIFS.2014.2362979
10. Huang, X., Xiang, Y., Chonka, A., Zhou, J., Deng, R.H.: A generic framework for three-factor authentication: preserving security and privacy in distributed systems. IEEE Trans. Parallel Distrib. Syst. 22(8), 1390–1397 (2011)
11. Lin, C.H., Lai, Y.Y.C.H.: A flexible biometrics remote user authentication scheme. Comput. Stand. Interfaces 27, 19–23 (2004)
12. Khan, M.K., Zhang, J.S.: Improving the security of ‘a flexible biometrics remote user authentication scheme’. Comput. Stand. Interfaces 29, 82–85 (2007)
13. Li, C.-T., Hwang, M.-S.: An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33, 1–5 (2010)
14. Li, X., Niu, J.W., Ma, J., Wang, W.D., Liu, C.L.: Cryptanalysis and improvement of a biometric-based remote authentication scheme using smart cards. J. Netw. Comput. Appl. 34, 73–79 (2011)
15. Das, A.K.: Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards. IET Inf. Secur. 5(3), 145–151 (2012)
16. Fan, C.I., Lin, Y.H.: Provably secure remote truly three factor authentication scheme with privacy protection on biometrics. IEEE Trans. Inf. Forensics Secur. 4, 933–945 (2009)
17. Li, X., Niu, J., Wang, Z., Chen, C.: Applying biometrics to design three-factor remote user authentication scheme with key agreement. Secur. Commun. Netw. 7(10), 1488–1497 (2013)
18. Li, L., Peng, H., Kurths, J., Yang, Y., Schellnhuber, H.J.: Chaos-order transition in foraging behavior of ants. PNAS 111(23), 8392–8397 (2014)
19. Niu, Y.J., Wang, X.Y.: An anonymous key agreement protocol based on chaotic maps. Commun. Nonlinear Sci. Numer. Simul. 16, 1986–1992 (2011)
20. Xue, K., Hong, P.: Security improvement on an anonymous key agreement protocol based on chaotic maps. Commun. Nonlinear Sci. Numer. Simul. 17, 2969–2977 (2012)
21. Lee, T.-F.: Enhancing the security of password authenticated key agreement protocols based on chaotic maps. Inf. Sci. 290, 63–71 (2015)
22. Gong, P., Li, P., Shi, W.: A secure chaotic maps-based key agreement protocol without using smart cards. Nonlinear Dyn. 70, 2401–2406 (2012)
23. Xie, Q., Tu, X.: Chaotic maps-based three-party password authenticated key agreement scheme. Nonlinear Dyn. 74, 1021–1027 (2013)
24. Zhao, F., Gong, P., Li, S., Li, M., Li, P.: Cryptanalysis and improvement of a three-party key agreement protocol using enhanced Chebyshev polynomials. Nonlinear Dyn. 74, 419–427 (2013)
25. Lee, C.-C., Li, C.-T., Hsu, C.-W.: A three-party password based authenticated key exchange protocol with user anonymity using extended chaotic maps. Nonlinear Dyn. 73, 125–132 (2013)
26. Farash, M.S., Attari, M.A.: An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps. Nonlinear Dyn. 77(1), 399–411 (2014). doi:10.1007/s11071-014-1304-6
27. Lai, H., Orgun, M.A., Xiao, J., Pieprzyk, J., Xue, L., Yang, Y.: Provably secure three-party key agreement protocol using Chebyshev chaotic maps in the standard model. Nonlinear Dyn. 77(4), 1427–1439 (2014)
28. Guo, C., Chang, C.-C.: Chaotic maps-based password authenticated key agreement using smart cards. Commun. Nonlinear Sci. Numer. Simul. 18(6), 1433–1440 (2013)
29. Hao, X., Wang, J., Yang, Q., Yan, X., Li, P.: A chaotic map based authentication scheme for telecare medicine information systems. J. Med. Syst. 37(2), 1–7 (2013)
30. Jiang, Q., Ma, J., Lu, X., Tian, Y.: Robust chaotic map-based authentication and key agreement scheme with strong anonymity for telecare medicine information systems. J. Med. Syst. 38(2), 1–8 (2014)
31. Yau, W.C., Phan, R.C.W.: Security analysis of a chaotic map based authentication scheme for telecare medicine information systems. J. Med. Syst. 37(6), 1–9 (2013)
32. Yau, W.C., Phan, R.C.W.: Cryptanalysis and improvement of a three-party key agreement protocol using enhanced Chebyshev polynomials. Nonlinear Dyn. 79(2), 809–821 (2014). doi:10.1007/s11071-014-1704-7
33. Tan, Z.: A chaotic maps-based authenticated key agreement protocol with strong anonymity. Nonlinear Dyn. 72(1–2), 311–320 (2013)
34. Li, C.T., Lee, C.C., Weng, C.Y.: An extended chaotic maps based user authentication and privacy preserving scheme against DoS attacks in pervasive and ubiquitous computing environments. Nonlinear Dyn. 74(4), 1133–1143 (2013)
35. Lee, C.C., Lou, D.C., Li, C.T.: An extended chaotic maps-based protocol with key agreement for multiserver environments. Nonlinear Dyn. 76(1), 853–866 (2013). doi:10.1007/s11071-013-1174-3
36. Khan, M.K., Zhang, J., Wang, X.: Chaotic hash-based fingerprint biometric remote user authentication scheme on mobile devices. Chaos, Solitons Fract. 35(3), 519–524 (2008)
37. Lee, C.C., Chen, C.C., Wu, C.Y., Huang, S.-Y.: An extended chaotic maps-based key agreement protocol with user anonymity. Nonlinear Dyn. 69(1–2), 79–87 (2012)
38. He, D., Chen, Y., Chen, J.: Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol. Nonlinear Dyn. 69(3), 1149–1157 (2012)
39. Lee, C.C., Hsu, C.W.: A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps. Nonlinear Dyn. 71(1–2), 201–211 (2013)
40. Islam, S.K.H.: Provably secure dynamic identity-based three-factor password authentication scheme using extended chaotic maps. Nonlinear Dyn. 78(3), 2261–2276 (2014). doi:10.1007/s11071-014-1584-x
41. Dodis Y., Reyzin L., Smith A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In: Proceedings of EUROCRYPT, pp. 523–540(2004)
42. Juels A., Sudan M.: A fuzzy vault scheme. In: Proceedings of International Symposium on Information Theory (ISIT), p. 408 (2002)
43. Nagar, A., Nandakumar, K., Jain, A.K.: Securing fingerprint template: fuzzy vault with minutiae descriptors. In: Proceedings of 19th International Conference on Pattern Recognition, pp. 1–4 (2008)
44. He, D., Kumar, N., Lee, J.-H.: Enhanced three-factor security protocol for USB consumer storage devices. IEEE Trans. Consum. Electr. 60(1), 30–37 (2014)
45. He, D., Wang, D.: Robust biometrics-based authentication scheme for multi-server environment. IEEE Syst. J. 9(3), 816–823 (2015). doi:10.1109/JSYST.2014.2301517
46. Wang, D., Wang, P., Ma, C., Chen, Z.: iPass: privacy preserving two-factor authentication scheme against smart card loss problem. Cryptology ePrint Archive 439, 1–35 (2012). http://eprint.iacr.org/2012/439.pdf
47. Bergamo, P., Arco, P., Santis, A., Kocarev, L.: Security of public key cryptosystems based on Chebyshev polynomials. IEEE. Trans. Circ. Syst. 52, 1382–1393 (2005)
48. Zhang, L.: Cryptanalysis of the public key encryption based on multiple chaotic systems. Chaos Solitons Fract. 37(3), 669–674 (2008)
49. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Proceedings of Advances in Cryptology (Crypto’99), LNCS, pp. 388–397 (1999)
50. Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5), 541–552 (2002)
51. Jiang, Q., Ma, J., Li, G., Yang, L.: An efficient ticket based authentication protocol with unlinkability for wireless access networks. Wirel. Pers. Commun. 77(2), 1489–1506 (2014)
52. Jiang, Q., Ma, J., Lu, X., Tian, Y.: An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks. Peer-to-Peer Netw. Appl. 8(6), 1070–1081 (2015). doi:10.1007/s12083-014-0285-z
53. Arkko, J., Nikander, P., Näslund, M.: Enhancing Privacy with Shared Pseudo Random Sequences, Security Protocols. Springer, Berlin (2007)
54. Burrows, M., Abadi, M., Needham, R.: A logic of authentication. ACM Trans. Comput. Syst. 8(1), 18–36 (1990)