Table of Contents Author Guidelines Submit a Manuscript
Security and Communication Networks
Volume 2017, Article ID 1378128, 13 pages
https://doi.org/10.1155/2017/1378128
Research Article

Improving an Anonymous and Provably Secure Authentication Protocol for a Mobile User

1Department of Electrical and Computer Engineering, Sungkyunkwan University, 2066 Seobu-ro, Jangan-gu, Suwon-si, Gyeonggi-do 16419, Republic of Korea
2Department of Cyber Security, Howon University, 64 Howondae 3-gil, Impi-myeon, Gunsan-si, Jeonrabuk-do 54058, Republic of Korea
3Department of Mobile Internet, Daelim University College, 29 Imgok-ro, Dongan-gu, Anyang-si, Gyeonggi-do 13916, Republic of Korea
4Department of Computer Engineering, Sungkyunkwan University, 2066 Seobu-ro, Jangan-gu, Suwon-si, Gyeonggi-do 16419, Republic of Korea

Correspondence should be addressed to Dongho Won; rk.er.ytiruces@nowhd

Received 4 May 2017; Accepted 16 August 2017; Published 27 September 2017

Academic Editor: Hongxin Hu

Copyright © 2017 Jongho Moon et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Abstract

Recently many authentication protocols using an extended chaotic map were suggested for a mobile user. Many researchers demonstrated that authentication protocol needs to provide key agreement, mutual authentication, and user anonymity between mobile user and server and resilience to many possible attacks. In this paper, we cautiously analyzed chaotic-map-based authentication scheme and proved that it is still insecure to off-line identity guessing, user and server impersonation, and on-line identity guessing attacks. To address these vulnerabilities, we proposed an improved protocol based on an extended chaotic map and a fuzzy extractor. We proved the security of the proposed protocol using a random oracle and AVISPA (Automated Validation of Internet Security Protocols and Applications) tool. Furthermore, we present an informal security analysis to make sure that the improved protocol is invulnerable to possible attacks. The proposed protocol is also computationally efficient when compared to other previous protocols.