In order to guarantee secure communications in cloud storage service, we integrated the concept of session key establishment and extended chaotic maps into our proposed method which aims to allow data senders and data receivers to establish a secure common session key through a trusted cloud server over an insecure channel when they wish to share the sensitive data in cloud storage service. Moreover, due to the characteristics of extended chaotic maps and session key establishment, the agreed session key is only known by the communication participants. Therefore, we propose a secure three-party authenticated key exchange protocol (3PAKE) based on extended chaotic maps in cloud storage service without using smart card and timestamp, which requires neither long-term secret keys nor symmetric cryptosystems. According to our security analysis, our proposed protocol not only can achieve many general requirements that 3PAKE protocols should fulfill but also can against various known attacks. In this paper, comparing with other 3PAKE protocols, our proposed protocol is more secure and practical for real environments.
Keywords-Three-party authenticated key exchange; Network security; Session key; Cloud storage service; Extended chaotic maps. 978-1-4799-8342-1/15/$31.00 漏2015 IEEE ICOIN 2015 Data sender Cloud server Data receiver