Research On Three-factor Authentication And Key Agreement Protocols

In this thesis,we mainly research on design and security analysis of biometrics based three-factor authentication and key agreement protocols.Analysis and research on some three-factor authentication protocols,we find out that these protocols have some security weaknesses,and then we propose some improved schemes,and present security analysis and formal verification.The research achievements are as follows.1.Research on session initiation protocol.We propose an authentication scheme based on biometrics,smart card and passwords.In addition,we use pi calculus-based formal verification tool ProVerif to prove that the proposed scheme achieves authentication and security.Our scheme also enjoys higher efficiency compared to the related schemes.2.Research on passwords and biometrics based three-party key agreement protocols.We found that most of these protocols are vulnerable to off-line password guessing attack.Therefore,we propse a biometrics-based three-party authenticated key agreement protocol,which not only provide user anonymous but also using extended chaotic maps to improve the execute efficiency.3.Research on chaotic maps-based password-authenticated key agreement protocol,which is proposed by Lin in 2015.We demonstrate that his scheme cannot resist stolen smart card attack and impersonation attack.To improve the security,we propose a security enhanced password-authenticated key exchange protocol,and proof the security of our protocol in random oracle model.4.Research on mobile client-server networks.We point out that Wu et al.'s three-factor user authentication scheme using elliptic curve cryptography is vulnerable to the impersonation attack.Hence,we introduce an improved three-factor authentication scheme to overcome the weakness,and use pi calculus-based formal verification tool ProVerif and security analysis to show that the propose scheme is secure against various attack.