Abstract

The paper presents a password-based authenticated key-agreement protocol for multi-server environments using Chebyshev chaotic maps. The protocol allows a user to log in to different servers with a single password. The proposed scheme removes the weakness of multi-server authenticated key-agreement schemes that adopt a two-level server architecture. After a user has completed the first login to a service-providing server, the control server is not required to be online for the user's subsequent logins. Compared with related multi-server authentication schemes, our scheme meets more security requirements, such as mutual authentication, perfect forward security, freedom of password change, scalability of login, resistance to stolen-verifier attacks, resistance to server-spoofing attacks, and two-factor security. Detailed analysis shows that the proposed scheme can resist several kinds of attacks. The proposed scheme is provably secure under the CDH assumption of Chebyshev polynomials in the random oracle model. Furthermore, it provides privacy preservation for the user and the server, that is, anonymity and untraceability. An adversary can neither determine the identities of users or of service-providing servers nor link different sessions to a user or a server.