A New Efficient Chaotic Maps Based Three Factor User Authentication and Key Agreement Scheme

In order to provide secure remote access control, a robust and efficient authentication protocol should achieve mutual authentication and session key agreement between clients and the server over public channels. Recently, Wang et al. proposed a password based authentication protocol using chaotic maps. In this paper, we demonstrate the security of their scheme, and show that Wang et al.'s scheme cannot provide session key agreement and is insecure against denial of service attack for no detecting wrong password in password change. To remedy these issues, we use the techniques of fuzzy extractor and chaotic maps to propose a three-factor remote authentication scheme. The new scheme preserves user privacy and is secure against various attacks. Detailed analysis of previous schemes in efficiency and security shows our proposed scheme is more suitable for practical application.