Research On Three-party Key Agreement Protocol With User Anonymity

With the rapid development of quantum theory,the discrete logarithm problem or large integer factorization problem exist polynomial algorithm,and their securities are seriously threatened.The two-party password authenticated key agreement protocol achieves mutual authentication between a single user and a server,but is not suitable for communication in large-scale networks.In a three-party key agreement protocol,users use weak passwords to get mutual authentication and share session keys,so that it can avoid the threat for storing user's long-term key in the process of identity authentication.Therefore,we propose secure and efficient three-party password authenticated key agreement protocols with user anonymity.Firstly,this paper proposed two password authenticated key agreement protocol relying on RLWE assumption,and it includes lattice-based implicit authentication key agreement protocol and lattice-based explicit authentication key agreement protocol.The implicit authentication key agreement protocol reduces the number of communication round,and can improve the speed of mutual authentication.The explicit authentication key agreement protocol is more secure.The new protocol has higher efficiency and security than other three-party password authenticated key agreement protocols.It can resist quantum attacks,and is suitable for large-scale network communication.Secondly,because lattice-based key agreement protocol has a long key,a higher ciphertext expansion rate,the representation of the lattice requires a large space and other low efficiency shortcomings.However,the representation of ideal lattice is simple,and the ideal lattice has other advantages,such as the small amount of keys,short of the length of keys,low running costs,and high efficiency.We propose a three-party password authenticated key agreement protocol with user anonymity based on ideal lattice,and prove its security.The proposed scheme with user anonymity has some merits,such as,little communication cost,fast authentication speed,high security,and it can achieve two-way authentication between users and servers.The new protocol has higher efficiency and shorter key length than other password authenticated key agreement protocols.It can resist quantum attacks.Finally,By analyzing the password authenticated key agreement protocols based on chaotic maps which was proposed by Lee T,we designed two secure and efficient three-party password authenticated key agreement protocols based on Chebyshev chaotic map with user anonymity,one is based on synchronized clocks,the other uses nonces.The synchronized clocks of anonymous user three-party password authenticated key agreement protocol has less cost in communication,and the proposed nonce-based authenticated key agreement protocol is easier to implement.Advantage of the two protocols is that users can authenticate and exchange keys with each other just by choosing a simple password.The server does not need to protect the user password table,which can avoid the password-related attacks.Meanwhile,in the process of mutual authentication,the user uses a temporary identity and hash function to achieve the user anonymity,which enhances the security of the protocol and reduces the number of messages in the communication process as well.As a result,the efficiency of the agreement is improved and has perfect forward security.