An efficient biometrics-based authentication scheme for telecare medicine information systems

Transcription

1 Zuowen Tan Jangx Unversty of Fnance & Economcs An effcent bometrcs-based authentcaton scheme for telecare medcne nformaton systems Abstract. The telecare medcal nformaton system enables the patents gan health montorng and access healthcare-related servces over nternet or moble networks. Due to the open envronment, the mutual authentcaton between the user and the telecare server wll thus be n demand. Many smart card based authentcaton schemes for telecare medcne nformaton systems have been proposed for the goals. However, most of the schemes are vulnerable to varous Specally, some schemes requre the exponental computaton or publc key cryptography whch leads to very low effcency for smart card. Ths paper proposes an effcent smart card based password authentcaton scheme by applyng bometrcs technque and hash functon operatons. It s shown to be more secure and practcal for telecare medcne envronments. Streszczene. W artykule opsano prostą metodę uwerzytelnana dentyfkacj użytkownka danych usług (np. medycznych) na podstawe kart typu Smart-Card. Proponowana struktura opera sę na technkach bometrycznych oraz funkcj skrótu (haszowane). Rozwązane to zapewna wększe bezpeczeństwo jest praktycznejsze dla telefoncznych bur obsług medycznej. (Zastosowane technk bometr w strukturze uwerzytelnana klenta dla telefoncznych bur obsług ośrodków medycznych). Keywords: Authentcaton; bometrcs;smart card;nformaton system Słowa kluczowe: uwerzytelnane, bometra, smart-card, system nformacyjny. Introducton Recently, telecare s ncreasngly workng as a valuable supplementary way of medcne care from tradtonal desktop telemedcne platforms [1]. Through a telecare medcal nformaton system (TMIS), patents send health message or use portals for health montorng and healthcare-related servces over nternet or moble networks. Snce the patents apply TMISs to access the healthcare delvery servces, the expense of the patents such as travel cost and the hosptalzaton tme wll be sgnfcantly reduced. In addton, the telecare server keeps the electronc medcal records of regstered users. Thus, TMIS helps the physcans make more comprehensve decson va the cooperaton of some physcans n dfferent places. Because wreless moble telecommuncatons of TMIS are n the open envronments, the securty ssue becomes a sgnfcant concern. A secure authentcaton scheme s essental to guarantee that only the authorzed users can access the servce from TMIS or the network[2,3,4]. Lamport proposed a password based authentcaton scheme to deal wth the authentcaton of remote user access [3]. Nowadays, password s one of the most acceptable and wdely used authentcaton mechansms, e.g., telnet, Kerberos. However, Lamport s scheme s susceptble to dctonary Later, smart cards have been wdely appled to construct the password based authentcaton schemes. Due to ther low cost and portablty, smart card based password authentcaton s one of the most convenent and commonly used authentcaton technques [6,7]. Recently, Wu et al. [8] proposed an effcent smart card based password authentcaton scheme for TMIS. Wu et al. clamed that ther scheme s secure and very sutable for TMIS va moble devces wth low computaton. But He et al. [9] showed that Wu et al. s scheme suffers from the mpersonaton attacks and nsder s To remove the weaknesses, He et al. [9] proposed an mproved authentcaton scheme for TMIS. Unfortuantely, We et al.[10] found that both the schemes [8,9] for TMIS fal to acheve two factor authentcaton. The adversary can mount off-lne password guessng attacks f the adversary has extracted the secret data from the smart card. We et al. also proposed an mproved scheme for TMIS. We et al. clamed ther scheme conquers those securty weaknesses of the above two schemes. Subsequently, Zhu [11] showed that We et al. s scheme s also vulnerable to off-lne password guessng Thus, We et al. s scheme does not hold two-factor authentcaton. Furthermore, the above mentoned authentcaton schemes [8-11] requre no verfcaton durng the password change phase. Thus,f a malcous adversary can access the smart card temporarly, he can mount denal of servce attacks by changng the password. To acheve user anonymty, Wang et al. [12] proposed an authentcaton and key agreement scheme wth user anonymty based on ECC. But Pu et al. [13] demonstrated that n Wang et al. s scheme, the long-term prvate key stored n the moble devce wll be revealed f an adversary gets the devce. Moreover, ther scheme needs a smart card producng center to mantan the certfcates for users publc keys. Pu et al. propose a generc constructon of smart card based password authentcaton scheme [13]. Ther scheme does not need to store or verfy others certfcates. However, Pu et al. s scheme requres the hgh computaton cost. Furthermore, the mutual authentcaton durng the key agreement phase apples a password-based two-party authentcated key agreement scheme to establsh a secure hgh-entropy sesson key. Therefore, the user and the server must share a password beforehand. Khan et al. [14] also found that Wang et al. s scheme cannot provde user s anonymty and the user s free choce of a password. In addton, Wang et al. s scheme suffers from the followng securty ssues: vulnerablty to nsder attack and no provson for a sesson key agreement. To address these securty flaws, Khan et al. proposed an enhanced authentcaton scheme. But Chen et al. [15] found that Khan et al. s scheme stll can not protect the user s anonymty. So far, to desgn an effcent smart card based authentcaton scheme wth anonymty preservng s stll a challengng ssue. Based on these motvatons, ths paper proposes a bometrcs-based authentcaton scheme wth key agreement for TMIS by usng the smart card. The proposed scheme reduces sgnfcantly the executon tme of two partcpants n TMIS. Compared wth prevous schemes [8-11], the proposed scheme has the followng merts: (1) t provdes a stronger user authentcaton functon by adoptng bometcs technque. (2) It provdes secure and effcent key 200 PRZEGLĄD ELEKTROTECHNICZNY, ISSN , R. 89 NR 5/2013

2 agreement functon. (3) It provdes free secure password and bometcs update functon. The remander of ths paper s organzed as follows. Secton 2 presents a new password authentcaton scheme for TMIS usng bometcs. In Secton 3, we analyze ts securty propertes and performance. Fnally, concluson wll be gven n Secton 4. An authentcated key agreement scheme In the secton, we propose an authentcaton scheme wth key agreement. Notatons used n the scheme are defned n Table 1. Table 1. Notatons U -th user S the telecare server x master key of S concatenaton ID U s dentty h( ) hash functon PW U s Password message transmsson N random number B bometrc nformaton The remote telecare server S selects a master key x and a secure one-way hash functon h(). The authentcaton scheme s composed of four phases,.e. regstraton, logn, authentcaton and key agreement, and password and bometrcs update. 1. Regstraton phase Step 1. U S: {ID, pw } The user U selects an dentty ID, a password PW and a random number N. Then U mprnts her bometrc nformaton B and computes pw =h(id PW B N ), Z =h(n B ). U sends {ID, pw } to the telecare server S through a secre channel. Step 2. S U : Smart card S computes X =h(id x), Y =X h( pw ) and stores {Y,h()} to a smart card. Then S ssues the smart card to the user U through a secure channel. Step 3. U Smart card: {N,Z } U nputs {N,Z } to her smart card. 2. Logn phase U nserts hs smart card nto a card reader, keys hs dentty ID and password PW and mprnts bometrc B at the sensor. Then the smart card compares h(n B ) wth Z. If they are not the same, t outputs rejecton message. Otherwse, t outputs acceptance message. Then the smart card chooses a random nonce r and calculates pw =h(id PW B N ), X =Y h( pw ), C = En (h(r X ID ) ID r ), where En X () s a symmetrc encrypton wth key X. Next, the smart card sends {ID, C } to S. 3. Authentcaton and key agreement phase Step 1. S U : {r s, a } S frst decrypts the cphertext C and parses the plantext nto three parts lke ths: De (C ) =h ID r. X And S checks f h =h(r ID ). If the equaton does not hold, S refuses the logn request. Otherwse, t accepts the logn request. Next, S chooses a random nonce r s and computes a =h(id r r s ). Fnally, S sends {r s, a } back to the smart card. Step 2. U S: {b } Upon recevng the message from the remote telecare server S, the smart card checks f a =h(id r r s ). If the equaton holds, the smart card computes b =h(id r s r ). Then the smart card computes the sesson key sk=h(r r s ID ) and sends the message {b } to S. Step 3. S checks f b =h(id r s r ). If the equaton holds, S computes the sesson key sk=h(r r s ID ). 4. Password and bometrcs update phase If U wants to change hs password, U nserts hs smart card and keys hs dentty ID and password PW. Then U mprnts her bometrc nformaton B. The smart card compares h(n B ) wth Z. If they are not the same, t outputs rejecton message. Otherwse, U carres out the followng operatons. (1). U selects a random number N, keys a new password PW and mprnts her bometrc nformaton B. (2). The smart card computes pw =h(id PW B N ), pw =h(id PW B N ), Z =h( N B ), Y = Y h( pw ) h( pw ). (3). The smart card replaces {N,Y,Z } wth { N, Y, Z },respectvely. Analyses on the proposed scheme 1. Securty analyses In the followng, we analyze the securty of our scheme. We demonstrate that our scheme ressts aganst some wellknown securty threats. We frst consder the adversaral model of smart card based authentcaton scheme for TMIS. Assume that an adversary A gets the full control over the communcaton channel between the user U and the telecare server S (except the regstraton phase). Thus, A could obtan all the messages transmtted between U and S (except the regstraton message). Of all the four phases n a smart card based authentcaton scheme for TMIS, only the regstraton phase requres a secure channel between U j and S. For other phases, there could be varous knds of passve and actve adversares n the communcaton channel between U and S. The adversary can eavesdrop on the communcaton, modfy messages, remove messages or nsert messages nto the communcaton channel. Its objectve s to compromse mutual authentcaton between U and S. For example, the adversary even mpersonates U to access S, or the adversary mpersonates S to provde U wth false servce. To smulate the nsder attack, f a user s under attack, A s allowed to obtan the passwords and extract the nformaton stored n the smart-cards of all the users except the user under attack. For a smart card based authentcaton scheme, one basc securty property s that the user s requred to have both the smart-card and the password, whch s often called two-factor authentcaton. Snce Messerges et al. [16] and Kocher et al. [17] ponted out that the smart-cards cannot prevent the nformaton stored n them from beng extracted by montorng ther power consumpton [18], ther securty s always dscussed n the case that the smart card s stolen. In other words, when a user s under attack, we also allow the adversary A to ether compromse the password or the smart-card of the user under attack, but not both. PRZEGLĄD ELEKTROTECHNICZNY, ISSN , R. 89 NR 5/

3 Theorem 1. The proposed scheme provdes user authentcaton. Proof: In the proposed scheme, the smart card dentfes the valdty of the user by checkng f h(n B )=Z. Due to the one-wayness and collson resstance of hash functon, only the user U can mprnt B. Next, S authentcates the user by checkng f h =h(r ID ). The random nounce r s contaned n the cphertext C. Although ID s transmtted over the open channel, even f h s obtaned, t s computatonally nfeasble to generate a random nounce r whch satsfes h =h(r ID ). In essence, h s also contaned n the cphertext C. Only the entty who knows X can decrypt C and further get h. Snce an adversary does not have the master key x, he has to compute the encrypton key X through X =Y h(id PW B N ). Suppose that the adversary has stolen the smart card, he obtans the message {Y, N } stored n the card and ID.The adversary stll cannot work out X. Ths s because the adversary does not know {PW, B } whle X also depends on {PW, B }. Therefore, the proposed scheme provdes the strong user authentcaton. The telecare server s sure that the servce requestor s ndeed a regstered user as the user clams. Theorem 2. The proposed scheme provdes server authentcaton. Proof: We frst show that the proposed scheme prevents any adversary from obtanng the server s master secret key. The secret key x s hashed n the form h(id x). Upon the assumptons of collson-resstant hash functons, an adversary cannot extract x from h(id x). Next, t s nfeasble that an adversary cheats a user U by masqueradng as S. Snce the adversary does not have the master key x, the adversary cannot decrypt C. Thus, the adversary cannot obtan r. Therefore, t s nfeasble to generate a vald par {r s,a }. When an adversary chooses randomly r s and sends a response message back to the smart card, the smart card wll fnd that the response s not from S. Ths s because the verfcaton equaton a =h(id r r s ) wll not hold at probablty 1. Therefore, the proposed scheme can authentcate the server S. The user s sure that the server s ndeed the one who the user wants to access. Theorem 1 and Theorem 2 mply that the proposed scheme also can resst aganst the man-n-the-mddle Theorem 3. The proposed scheme provdes secure password and bometrcs update. Proof: Before the user updates the password and bometrcs, the smart card wll compares h(n B ) wth the stored Z. Only the vald user can contnue the update phase. The verfcaton prevents any malcous adversary from mountng denal of servce attacks by changng the password and bometrcs. The password and bometrcs can freely be updated by the smart card holder (a regstered user U ) at wll wthout any nteracton wth the server. The server can be totally unaware of the password and bometrcs change. Theorem 4. The proposed scheme can resst the stolen verfer Proof: In the proposed scheme, the telecare server does not mantan a user verfcaton table or a password table. No user verfable nformaton can be obtaned from the server S. So the proposed scheme can prevent the stolen verfer attack. Theorem 5. The proposed scheme can resst off-lne password guessng Proof: Wthout loss of generalty, assume that an adversary obtans a smart card but the password of the user s kept secret to the adversary. Then the adversary can extract the nformaton {Y,h(),N, Z } stored n the smart card. The password s protected n the card as h(id x) h(id PW B N ). The message {ID,C } s transmtted. The adversary cannot work out the key h(id x) from the cphtertext C whch s changng wth fresh random value r. Therefore, even f an adversary has extracted the message and ntercepted the transmtted message, he stll can not obtan a verfcaton functon about the password from the stored nformaton h(id x) h(id PW B N ). For a passve adversary, the adversary can not calculate {r, N, x, B } to verfy the canddate password through the transmtted messgage {ID,C }. Ths also makes off-lne password attack mpossble for a passve adversary. The password s not appled to compute any authentcaton message. Thus, the undetectable on-lne password guessng attack wll not work. The above analyses show that the proposed scheme can resst aganst password guessng attacks and acheve true two-factor authentcaton. Theorem 6. The proposed scheme can resst mpersonaton Proof: If an adversary attempts to mpersonate a legal user U, he has to generate a correct cphtertext C. Snce X =Y h(id PW B N ) or X =h(id x), we know from the analys of Theorem 1 and Theorem 2 that t s nfeasble for the adversary to obtan X. Thus, the adversary chooses a random nonce r, a key X and encrypts h(r ID ) ID r wth the key X. Next, he adversary sends the cphertext and ID to the server S. Obvously, snce two keys X and X are dfferent, the server S decrypts the cphtertext and wll obtan a dfferent hash functon. Thus, the server S wll dentfy that the servce requester s not a regstered user. Hence, our authentcaton scheme for TMIS can resst aganst mpersonaton Theorem 7. The proposed scheme can resst nsder Proof: In the proposed scheme, snce the user uses h(id PW B N ) nstead of PW durng the regstraton phase and {B, N } s kept secret from the server, the server can never fnd out the user s password. Thus, some nsder attacks are avoded. Now, we consder the mpersonaton attack n the followng case: a malcous user U j attempts to mpersonate a user U who has ever accessed the server S. In order to mpersonate the user U to logn the server, the malcous user chooses a random nonce r and calculates C. However, the message C s generated by encrypton wth the key X. Due to the one-wayness and collson resstance of hash functon, the user U j can not extract x from her secret value X j =h(id j x). Thus the malcous user U j can not compute X. By the smlar anlyss n Theorem 6, t s nfeasble for U j to generate the vald logn message { ID, C }. Theorem 8. The proposed scheme can resst replay Proof: The proposed scheme uses two fresh random values r and r s to protect aganst replay attacks durng the logn phase and authentcaton and key agreement phase, respectvely. Assume that an adversary ntercepts the message {ID,C } and attempts to mpersonate U by replayng t. However, after recevng the message {r s, a }, 202 PRZEGLĄD ELEKTROTECHNICZNY, ISSN , R. 89 NR 5/2013

4 snce the adversary has no knowledge of r, he cannot compute the correct value b =h(id r s r ) wth a fresh r s. The value b s used by the server to confrm that the servce requester has the rght value of r. Then S can easly detect the replay attacks by checkng f b =h(id r s r ). 2. Performance and functonalty analyses Due to the resource constrants of smart card, the password based smart card authentcaton scheme must take effcency nto consderaton. In ths secton, we wll evaluate the performance of the proposed scheme and make comparson wth some authentcaton schemes for TMISs [8-11]. We evaluate the effcency n terms of computaton cost. A comparson of the effcency and securty features of our scheme wth those schemes s gven n Table 2. To analyze the computatonal complexty of the schemes, we defne T s, t e, t nv, t h, t sym and t m be the tme cost of one scalar multplcaton n a group, one modular exponentaton n Z p, one nverse operaton n Z q, one hash operaton, one symmetrc encrypton or decrypton operaton, and one modular multplcaton n Z q, respectvely. Accordng to [19-22], the tme cost of all operatons satsfes the followng: T s 29t h, t h t m, and t e t nv 240t m, t sym 2.25t h. The smart card based authentcaton schemes consst of four phases: regstraton, logn, authentcaton and key agreement, and password and bometrcs update. We lst the computaon cost n all the phases n Table 2 of the smart card based authentcaton schemes [8-11] for the user (smart card) and the remote medcal server,repectvely. In the proposed scheme, each entty needs to carry out two hash functon operatons durng the regstraton phase. Durng the logn and authentcaton phases, the smart card requres one symmetrc encrypton and fve hash functon operatons, whle the telecare server requres one symmetrc decrypton operaton and four hash functon operatons. Durng the password and bometrcs update phase, the smart card takes three hash operatons. Compared wth the prevous schemes above mentoned, Table 2 Comparson of computaton cost Regstraton phase Logn and authentcaton phase Password update phase the user or the smart card needs one more or two more hash operatons. Snce the password and bometrcs update phase n our scheme can provde the verfcaton functon, the smart card needs one more hash operatons to update password and bometrcs than the schemes [10,11]. Although the schemes [8,9] cannot provde the verfcaton durng the password update phase, the smart card n [9] needs two hash operatons, one nverse operaton, one modular multplcaton n Z q, one modular exponentaton, whle the smart card n [11] needs two nverse operatons, two modular multplcatons n Z q, two modular exponentaton operatons. In the proposed scheme, the total computaton cost for smart card s equvalent to about 12 hash functon opeatons, whle the total computaton cost for smart card s equvalent to about 8 hash functon opeatons. By contrast, the total computaton cost for smart card n [8-11] s equvalent to about 969 hash functon opeatons, 970 hash functon opeatons, 278 hash functon opeatons and 247 hash functon opeatons, respectvely. The total computaton cost for the telecare server n [8-11] s equvalent to about 1206 hash functon opeatons, 965 hash functon opeatons, 754 hash functon opeatons and 245 hash functon opeatons, respectvely. The comparson n Table 2 clearly ndcates that the proposed scheme acheves hgh effcency. Both the user and the telecare server take much less computaton to accomplsh the mutual authentcaton and key agreement than the prevous smart card based authentcaton schemes for TMIS [8-11]. We lst the functon features of the schemes present n [8-11] and the proposed scheme n Table 3. It demonstrates that our scheme can acheve the essental requrements for a secure authentcaton scheme for TMIS.Those smart card based authentcaton schemes for TMIS n [8-11] cannot provde the verfcaton functon durng the password change phase. Ths wll lead to the denal of servce attacks by changng the password. In addton, the schemes n [8-10] are vulnerable to offlne password guessng Thus, they cannnot provde the two-factor authentcaton. [8] [9] [10] [11] Proposed scheme Smart card 0 t h t h t h 2t h Server 3t e +t nv +2t m 962t h t e +t nv +t h 481t h t e 240t h t h 2t h Smart card 4t h +3t m 7t h t e +t nv +5t h +t m 486t h t e +6t h +T s 275t h t e +4t h 244t h 5t h +t sym 7.25t h Server t e +4t h 244t h t e +t nv +4t h 484t h t e +t nv +5t h +T s 514t h t e +4t h 244t h 4t h +t sym 6.25t h Smart card 2t e +2t nv +2t m 962t h t e +t nv +2t h +t m 483t h 2t h 2t h 3t h Table 3 Comparson of functon features [8] [9] [10] [11] Proposed scheme Offlne password guessng attack * * Two-factor authentcaton * * Impersonaton attack Insder attack Verfcaton n password update phase Key agreement Note: * denotes the attack s found n [10]; Δ denotes the attack s found n [9]; denotes the attack s found n [11]. Conclusons In the paper, we have proposed an effcent bometrcsbased authentcaton scheme for telecare medcne nformaton systems. Securty analyses have showed that the proposed scheme can wthstand varous possble attacks and acheve the stronger securty. The functonalty comparson shows that our scheme holds the advantages over the prevous smart card based authentcaton schemes for TMIS. Our scheme s very effcent. Dynamc dentty based authentcaton schemes can provde anonymty. However, Wang et al. s scheme, Pu et al. s scheme and Khan et al. s scheme have some securty ssues. Future work s to desgn secure dynamc dentty authentcaton schemes for TMIS wth hgh effcency. Acknowledgments Ths work s partally supported by the Natonal Natural Scence Foundaton of Chna under Grant No and Natural Scence Foundaton of Jangx Provnce (20122BAB201035). PRZEGLĄD ELEKTROTECHNICZNY, ISSN , R. 89 NR 5/

5 REFERENCES [1] Al Ameen, M. Lu, J., Kwak,K., Securty and prvacy ssues n wreless sensor networks for healthcare applcatons, J Med Syst,(36)(2012, [2] Adamsk, T., Wneck, W., Entty dentfcaton algorthms for dstrbuted measurement and control systems wth asymmetry of computatonal power, Prz Elektrotechnczn,( 2008),No. 05 [3] Cheng, X.R., L, M.X., The authentcaton of the grd montorng system for wreless sensor networks, Prz Elektrotechnczn, (2013),No.01a [4] Pejaś, J., El Fray, I., Rucńsk, A., Authentcaton protocol for software and hardware components n dstrbuted electronc sgnature creaton system, Prz Elektrotechnczn, (2012),No.10b [5] Lamport, L., Password authentcaton wth nsecure communcaton, Commun ACM, 24(1981),28-30 [6] Hwang, M.S., L, L.H., A new remote user authentcaton scheme usng smart cards,ieee Trans. Consum. Electron, 46(2000),No.1, [7] Das, M.L., Saxena, A., Gulat, V.P. A dynamc d-based remote user authentcaton scheme,ieee T Consum Electr, 50(2004),No.2, [8] Wu, Z. Y., Lee, Y. C., La, F., Lee H. C., Chung, Y., A secure authentcaton scheme for telecare medcne nformaton systems, J. Med. Syst. do: /s , [9] He, D. B., Chen, J. H., and Zhang, R., A more secure authentcaton scheme for telecare medcne nformaton systems, J.Med. Syst. do: /s , 2011 [10] We, J., Hu, X., Lu, W., An mproved authentcaton scheme for telecare medcne nformaton systems,j. Med. Syst. do: /s , 2012 [11] Zhu,Z., An Effcent authentcaton scheme for telecare medcne nformaton systems,j. Med. Syst. do: /s , 2012 [12] Wang, R.-C., Juang, W.-S., Le, C.-L., Provably secure and effcent dentfcaton and key agreement protocol wth user anonymty,j Comput Syst Sc, do: /j.jcss [13] Pu, Q., Wang, J., Zhao, R.-Y., Strong authentcaton scheme for telecare medcne nformaton systems, J Med Syst,36(2012), [14] Khan, M. K., et al., Cryptanalyss and securty enhancement of a more effcent & secure dynamc d-based remote user authentcaton scheme,comput. Commun. 34(2010), No.3, [15] Chen, H.-M., Lo,J.-W., Yeh, C.-K., An Effcent and Secure Dynamc ID-based Authentcaton Scheme for Telecare Medcal Informaton Systems, J Med Syst, DOI /s y [16] Messerges, T.S., Dabbsh, E.A., Sloan, R.H., Examnng smartcard securty under the threat of power analyss attacks, IEEE T Comput, (51)2002.,No.5, [17] Kocher, P., Jaffe, J., Jun, B., Dfferental power analyss,advances n Cryptology-CRYPTO'99, Santa Barbara, Calforna, USA, August 15-19, Lecture Notes n Computer Scence 1666, Sprnger, ISBN , ,1999 [18] Bayam, K. A., O rs, B., Dfferental power analyss resstant hardware mplementaton of the RSA cryptosystem, Turk J Elec Eng & Comp Sc, (18)2010,No.1, [19] Fan, Ch.-I. Sun, Huang, W. Z., Vncent, S.-M.,Provably secure randomzed blnd sgnature scheme based on blnear parng,comput Math Appl, 2010, No.60, [20] Kobltz, N., Menezes, A.J., Vanstone, S.A.,The state of ellptc curve cryptography, Desgn Code Cryptogr, (19)2000, No.2-3, [21] Xue,K.M.,Hong, P.L., Securty mprovement on an anonymous key agreement protocol based on chaotc maps, Commun Nonlnear Sc Numer Smulat, 2012, No.17, [22] Menezes, A., Van Oorschot, P. C., Vanstone, S. Handbook of Appled Cryptography, CRC Press, USA,1997. Authors: Dr. Zuowen Tan, School of Informaton Technology, Jangx Unversty of Fnance & Economcs,Nanchang, 30032, Chna, tanzyw@gmal.com 204 PRZEGLĄD ELEKTROTECHNICZNY, ISSN , R. 89 NR 5/2013