When people transfer accounts or shop online using their mobile device, it needs authenticated scheme to protect the security.Recently, Zhu Hongfeng proposed a chaotic maps based authenticated scheme.This paper pointed out that Zhu''s scheme was suffered from user impersonation attack, off-line dictionary attack and ID-theft attack.Moreover, this scheme had design flaws in login phase and password change phase.In order to overcome these flaws, this paper proposed an improved chaotic maps based mobile authenticated scheme.Furthermore, it certufued the proposed scheme by BAN logic.According to the comparison with other schemes and simulation results, the proposed scheme is more secure and efficient than other schemes.%人们在使用移动设备进行电子转账、网上购物等经济活动时需要认证协议来保证安全.最近,Zhu Hongfeng提出了一个基于混沌映射的认证协议方案,针对此方案,分析了其存在的缺陷,包括易遭受用户模仿攻击、离线字典攻击、无法提供用户匿名性,以及注册阶段及口令修改阶段存在设计缺陷,由此提出了一个改进的基于混沌映射(切比雪夫多项式)的移动端认证协议来克服这些缺陷.用BAN逻辑证明了其安全性,并同其他相关方案进行了性能比较.仿真实验对比结果显示提出的协议更加安全实用.
展开▼