IDL - International Digital Library Volume 1, Issue 1, FEB-2017
ISSN: IDL Available at: www.dbpuplications.org
Password-Authenticated Key Exchange Scheme Using Chaotic Maps towards a New Architecture in Standard Model
UMASHREE HUDEDA, SHAMSHAD DODDAMANI, JYOTHI K J, SUDHARANI S, POORNIMA D
STJIT, Ranibenur VT University, INDIA
Abstract: Nowadays, the overwhelming majority of password-authenticated key agreement protocols using chaotic maps are based on three architectures (client/server, two clients/server and multi-server) and four security models (heuristic security, random oracle, ideal cipher and standard model). However, with rapid changes in the modern communication environment such as wireless mesh networks and cloud storage, it is necessary to put forward a more flexible and general architecture to adapt to it. So, in our paper, we first propose a provably secure password-authenticated key agreement protocol using chaotic maps towards a multiple servers to server architecture in the standard model. The multiple servers to server architecture will solve the problems of single point of security, single point of efficiency and single point of failure in the centralized registration center of the multi-server architecture. The new protocol resists dictionary attacks mounted by either passive or active network intruders, allowing, in principle, even weak password phrases to be used safely. It also offers perfect forward secrecy, which protects past sessions and passwords against future compromises. Finally, we give the security proof in the standard model and the efficiency analysis of our proposed scheme.
Motivation behind choosing the project: Chaos theory has been applied to cryptography. A chaotic system is extremely sensitive to initial parameters and exhibits unpredictability, boundedness, etc., and the chaotic sequence generated by a chaotic system has the properties of non-periodicity and pseudo-randomness. Chaos theory and chaotic systems have opened a new way for cryptography. As a cryptographic primitive, a key agreement protocol allows two or more parties to agree on shared keys which will be used to protect their later communication. Combining chaos theory and the key agreement primitive, many authenticated key exchange (AKE) protocols have been proposed. One of them is the one-way authenticated key agreement scheme (OWAKE) based on chaotic maps with multi-server architecture. The OWAKE scheme is widely used in Internet environments that do not need mutual authentication, such as the readers-to-journalists model and the patient-to-expert model. The chaotic-maps-based multiple servers to server architecture (MSTSA) is meant to solve the problems caused by centralized architecture, such as multi-server architecture with the registration center (RC). Multi-server authenticated key agreement (MSAKA) architecture is more popular among the AKE protocols.
Proposed System: In the proposed multiple servers to server architecture, each user interacts with a particular server during the registration process. When clients interact with the server, the server provides a high-security process via mail alerts and generates the security key for the server interaction. Clients are represented using system IP authentication. A password-authenticated key agreement method is an interactive method for two or more clients to establish cryptographic keys based on one or more servers. Symmetric encryption is used for the randomized key generation process.
Objectives: Multiple servers to server:
The multiple servers to server architecture (MSTSA) is meant to solve the problems caused by centralized architecture, such as multi-server architecture with the registration center (RC). The core ideas of the proposed scheme are symmetry (also called peer to peer) on the server side and transparency on the client side. In brief, based on chaotic maps, many works have tried to improve AKE protocols from the functionality aspect, the efficiency aspect, the security aspect, or the architecture aspect. Multi-server authenticated key agreement (MSAKA) architecture is more popular among the AKE protocols; it aims to let a user register at the registration center and then log in to other servers without registering repeatedly. MSAKA protocols mainly aim to solve the problem of traditional single-server authentication schemes, in which a user has to register with different servers separately.
Chaos theory: Chaos theory studies the behavior of dynamical systems that are highly sensitive to initial conditions. Small differences in initial conditions (such as those due to rounding errors in numerical computation) yield widely diverging outcomes for such dynamical systems, rendering long-term prediction impossible in general. This happens even though these systems are deterministic, meaning that their future behavior is fully determined by their initial conditions, with no random elements involved. In other words, the deterministic nature of these systems does not make them predictable. Chaos theory and chaotic systems have opened a new way for cryptography. As a cryptographic primitive, a key agreement protocol allows two or more parties to agree on shared keys which will be used to protect their later communication.

Mutual authentication: Mutual authentication, or two-way authentication, refers to two parties authenticating each other at the same time. In technology terms, it refers to a client or user authenticating themselves to a server and that server authenticating itself to the user in such a way that both parties are assured of the other's identity. When describing online authentication processes, mutual authentication is often referred to as website-to-user authentication, or site-to-user authentication. Typically, this is done for a client process and a server process without user interaction. Mutual authentication is typically used only when an extra level of security is needed, especially in financial transactions between organizations.
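To make the combination of chaotic maps and key agreement described above concrete, here is an added example (not code from the paper) of the bare key agreement step. It assumes Chebyshev polynomials over a prime field as the chaotic map, which the paper does not name; the modulus `P`, the seed `X` and all function names are constructed for this illustration.

```python
import hashlib
import secrets

# Constructed demo parameters (assumptions, not taken from the paper).
P = 2**127 - 1            # prime modulus
X = 0x1234567890ABCDEF    # public seed both parties agree on

def chebyshev(n: int, x: int, p: int) -> int:
    """Return T_n(x) mod p, where T_0 = 1, T_1 = x, T_{k+1} = 2x*T_k - T_{k-1}.

    Uses square-and-multiply on M = [[2x, -1], [1, 0]], since
    M^n * [T_1, T_0]^T = [T_{n+1}, T_n]^T, so the cost is O(log n).
    """
    def mul(a, b):  # 2x2 matrices stored row-major as 4-tuples
        return ((a[0]*b[0] + a[1]*b[2]) % p, (a[0]*b[1] + a[1]*b[3]) % p,
                (a[2]*b[0] + a[3]*b[2]) % p, (a[2]*b[1] + a[3]*b[3]) % p)
    acc, base = (1, 0, 0, 1), (2 * x % p, p - 1, 1, 0)
    while n:
        if n & 1:
            acc = mul(acc, base)
        base = mul(base, base)
        n >>= 1
    return (acc[2] * x + acc[3]) % p   # second row of M^n applied to [x, 1]

def keypair():
    """Return a secret index r and the public value T_r(X) mod P."""
    r = secrets.randbelow(P - 2) + 2
    return r, chebyshev(r, X, P)

def session_key(own_secret: int, peer_public: int) -> bytes:
    """Both sides reach T_rs(X) because T_r(T_s(X)) = T_s(T_r(X)) = T_rs(X)."""
    shared = chebyshev(own_secret, peer_public, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

if __name__ == "__main__":
    a_secret, a_public = keypair()   # client side
    b_secret, b_public = keypair()   # server side
    assert session_key(a_secret, b_public) == session_key(b_secret, a_public)
    print("shared session key:", session_key(a_secret, b_public).hex())
```

This exchange on its own is unauthenticated, so an active intruder could substitute the public values; binding it to the password and to mutual authentication is what a password-authenticated protocol adds on top.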
Literature Survey: In [1], “Cryptography with chaos”, chaos-based cryptographic algorithms use dynamical systems defined on the set of real numbers, and therefore are difficult for practical realization and circuit implementation. Chaos-based cryptography, attracting many researchers in the past decade, is a research field across two fields, i.e., chaos (nonlinear dynamic system) and cryptography. Chaos' properties, such as randomness and periodicity, have been proved to be suitable for designing the means for data protection. Properties in chaotic systems and cryptographic primitives share unique characteristics that allow for the chaotic systems to be applied to cryptography. If chaotic parameters as well as cryptographic keys can be mapped symmetrically or mapped to produce acceptable and functional outputs, it will make it next to impossible for an adversary to find the outputs without any knowledge of the initial values.
In [2], Jin Wook Byun and Ik Rae Jeong implement “Password-Authenticated Key Exchange between Clients with Different Passwords”. Most password-authenticated key exchange schemes in the literature provide an authenticated key exchange between a client and a server based on a pre-shared password. With a rapid change in modern communication environments, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. In this paper we propose a new framework which provides a password-authenticated key exchange between clients based only on their two different passwords without any pre-shared secret, so-called Client-to-Client Password-Authenticated Key Exchange (C2C-PAKE). Security notions and types of possible attacks are newly defined according to the new framework. We prove our scheme is secure against all types of attacks considered in the paper. Two secure C2C-PAKE schemes are suggested, one in a cross-realm setting and the other in a single-server setting.
In [3], Jin Wook Byun implements “EC2C-PAKA: An efficient client-to-client password-authenticated key agreement”. Most password-authenticated key agreement schemes described in the literature have focused on authenticated key agreement using a shared password between a client and a server. With rapid changes in the modern communication environment such as ad hoc networks and ubiquitous computing, it is necessary to construct a secure end-to-end channel between clients. This paradigm is a quite different paradigm from the existing ones. Client-to-client password-authenticated key agreement (C2C-PAKA) enables two clients in different realms to agree on a common session key using different passwords. Byun et al. first presented a C2C-PAKA protocol under the cross-realm setting. However, the scheme was not formally treated, and subsequently found to be flawed. In addition, in this scheme, there is still opportunity for improvements both in the computation and communication aspects. We provide formal treatments for the C2C-PAKA protocol by using Bellare et al.’s security model. We also suggest an efficient C2C-PAKA protocol and prove that the protocol is secure under the decisional Diffie–Hellman assumption in the ideal cipher and random oracle models.

In [5], “A Weakness of the Password-authenticated Key Agreement between Clients with Different Passwords Scheme” is proposed. A password-authenticated key exchange scheme allows two entities, who only share a memorable password, to authenticate each other and to agree on a cryptographic session key. Instead of considering it in the classic client and server scenarios, Byun et al. recently proposed a password-authenticated key exchange protocol in a cross-realm setting where two clients in different realms obtain a secret session key as well as mutual authentication, with the help of respective servers. We first point out that the proposed protocol is not secure, due to the choice of invalid parameters (say, subgroup generator). Furthermore, we show in detail that, even with properly chosen parameters, the protocol still has some security flaws. We provide three attacks to illustrate the insecurity of the protocol. Finally, countermeasures are also given, which are believed able to withstand our attacks.

In [21], “A biometrics-based multi-server key agreement scheme on chaotic maps cryptosystem”: Nowadays chaos theory is widely used in cryptography. In the real world, in order to ensure secure communication, many chaotic maps-based key agreement protocols have been proposed. Most of them used a smart card on account of the inherent ability of anti-interference. Popularly, many related protocols using smart card are used for a single server environment. However, existing single server authentication protocols more or less have some defects. For a single server environment, if a remote user feels like using a number of network services, it is so complicated and boring to repeatedly register a new identity and password. To address this problem, numerous multi-server authentication schemes have been proposed. However, these existing proposed schemes pay attention to efficiency to ignore confidentiality, or focus on the message integrity to ignore efficiency. In our proposed paper, we propose a robust biometrics based multi-server password-authenticated key agreement scheme on chaotic maps cryptosystem. In terms of the analysis of the security and functionality, the proposed scheme has a mass of merits, for instance, perfect forward secrecy, session key secrecy, robust biometrics authentication, password update secrecy, mutual authentication and key agreement. In addition, the proposed scheme can resist common attacks such as guessing attack, replay attack, man-in-the-middle attack and so on. In terms of the efficiency analysis, the proposed scheme is more practical.
Developer System Requirements
Software:
Language used: Java
Framework: Java Swings and AWT Frame
Database: MySQL
Communication: For Server => Wireless; For Client => Wireless/LAN/MAN
Cloud: Google Private Cloud (Capacity Max. 1GB)
Connectivity: Java Data Base Connector
Development Tool: NetBeans IDE 8.0.2
Hardware:
Server:
Hard Disk: min. 10GB
RAM: min. 1 GB
OS: Any Windows / XP version
Communication: Wireless
Client:
Hard Disk: min. 10GB
RAM: min. 1 GB
OS: Any Windows / UNIX / Linux
Communication: Wireless/LAN/MAN/WAN