Research On Three-party Password-based Authentication And Key Exchange Protocols

With entering information society,people in all walks of life cannot leave network communication,and how to safely transmit information in the public channel has become an important problem.As for that encryption technology provides multiple security properties such as identity authentication,data integrity,non-repudiation,information encryption,etc,it has important significance in the field of the information security.Authenticated Key Exchange(AKE)is important cryptographic tool to establish a confidential channel between two or more entities over a public network.During an AKE protocol,each participating entity would be required to response to a cryptographic challenge with his knowledge on the common secret in order to prove his identity.Because of two-party communication has some defect about key storage,more and more scholars research on the three-party communication.The main research in this article is chaotic maps-based three-party password-based authentication and key exchange protocol.The specific work content is summarized bellow:(1)We propose some security vulnerabilities on protocols and also improve some of them,which includes demonstrating that Lee et al.'s protocol,Li et al.'s protocol,Guo et al.'s protocol,Xia and Wang's protocol.(2)We design new 3PAKE protocols and optimize them in communication efficiency.Smart card is found high efficiency,portability but low security.So we propose two kinds of 3PAKE protocols whether it applies smart card and smart card is secure enough.(3)We also present the security analysis by a logic proof based on BAN logic and also using the formal security model by Abdalla and Pointcheval with the assumption of the Random Oracle and CDDH.Then we check the new protocols' performance and do experimental simulations.