IEEE Access (Jan 2022)
Provably Secure Pseudo-Identity Three-Factor Authentication Protocol Based on Extended Chaotic-Maps for Lightweight Mobile Devices
Abstract
Authentication and key agreement (AKA) play a major role in an open network environment to communicate between two or more participants securely. Authentication and key agreement protocols should protect sensitive data from a malevolent adversary by offering a several of services, such as user credential privacy and authentication when a user’s or server’s private key is revealed or a smart card is lost/stolen. Unfortunately, the majority of offered authentication and key agreement protocols suggested in the literature are vulnerable to many attacks. In this research, we present a pseudo-identity-based secure mutual authentication protocol that protects privacy. The suggested protocol resists replay attacks, de-synchronization attacks, eavesdropping attacks, denial of service attacks, insider attacks, known session-specific temporary information attacks, and man-in-the-middle attacks efficiently and also provides forward security. In order to offer privacy and prevent traceability, our protocol employs the pseudo-identity mechanism. We present a comprehensive security analysis, which includes formal verification with the Scyther tool; a BAN logic proof; and an informal discussion of various attacks, demonstrating that the proposed protocol is secure against all well-known attacks. Additionally, we give a performance study and a comparison to similar existing protocols.
Keywords