Chaotic maps have been applied in the design of authenticated key agreement protocols, which allow communication parties to exchange session keys in an authentic and secure manner. Guo and Chang recently proposed a novel password-authenticated key agreement protocol using smart card based on chaotic maps. They claimed that the protocol achieves the security goal of mutual authentication, as well as other essential security requirements. In this paper, we show that this protocol is susceptible to key-compromise impersonation and parallel session attacks. We also identify two weaknesses in the password change phase of the protocol that leads to authentication with old password and denial of service, respectively.
- Chaotic maps
- Chebyshev polynomials