Authors: Debiao He; Muhammad Khurram Khan
Addresses: School of Mathematics and Statistics, Wuhan University, Wuhan 430072, China ' Center of Excellence in Information Assurance, King Saud University, P.O. Box 92144, Riyadh 11653, Kingdom of Saudi Arabia
Abstract: With the rapid development of theory and application of chaos, the chaotic Hash has been widely used in cryptosystems. Recently, Guo and Zhang proposed a secure key agreement protocol based on chaotic Hash. They claimed that their protocol could withstand various attacks. Unfortunately, by giving concrete attacks, we demonstrate that Guo and Zhang's protocol is vulnerable to the offline password guessing attack. The analysis shows their protocol is not secure for practical application.
Keywords: chaos; hash function; key agreement protocol; Chebyshev; password guessing attacks; cryptanalysis; chaotic hash; cryptography; protocol security; offline password guessing.
International Journal of Electronic Security and Digital Forensics, 2013 Vol.5 No.3/4, pp.172 - 177
Received: 21 Mar 2013
Accepted: 01 Jul 2013
Published online: 13 Jan 2014 *