Title: Security analysis and improvements of a universal construction for a round-optimal password authenticated key exchange protocol

Authors: Hongfeng Zhu; Xintong Wang; Yeh-Cheng Chen; Xueying Wang

Addresses: Software College, Shenyang Normal University, No. 253, Huanghe Bei Street, Huang Gu District, Shenyang, P.C 110034, China ' Software College, Shenyang Normal University, No. 253, Huanghe Bei Street, Huang Gu District, Shenyang, P.C 110034, China ' Department of Computer Science, University of California, Davis, CA, USA ' Software College, Shenyang Normal University, No. 253, Huanghe Bei Street, Huang Gu District, Shenyang, P.C 110034, China

Abstract: Authenticated key exchange (AKE) protocols enable two parties to generate a shared, cryptographically strong key while communicating over an insecure network under the complete control of an adversary. Recently, Jonathan et al presents two PAKE protocols which make the communication reduce to one-round. At the same time Jonathan's protocols achieve the mutual authentication and agreement the session key by constructing smooth projective hash functions. However Jonathan's two protocols are subjected to key compromise impersonation (KCI) attack. Based on these motivations, this paper firstly put forwards a framework one-round PAKE protocols. And then we propose a provably secure and flexible one-round PAKE scheme based on chaotic maps. Compared with Jonathan's two protocols, the results show that our one-round PAKE scheme can not only refrain from consuming modular exponential computing and scalar multiplication, but is also robust to resist various attacks, especially for KCI attack. Finally, we also give the provable security of our scheme.

Keywords: authentication; key exchange; chaotic maps; one-round communication; key compromise impersonation; KCI.

DOI: 10.1504/IJICS.2022.121293

International Journal of Information and Computer Security, 2022 Vol.17 No.1/2, pp.104 - 118

Received: 12 Jan 2019
Accepted: 21 Feb 2019

Published online: 04 Mar 2022 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article