Content uploaded by C. Atheeq
Author content
All content in this area was uploaded by C. Atheeq on Sep 19, 2023
Content may be subject to copyright.
Int. J. Computer Applications in Technology, Vol. 56, No. 4, 2017 309
Copyright © 2017 Inderscience Enterprises Ltd.
Mutually authenticated key agreement protocol
based on chaos theory in integration of internet
and MANET
C. Atheeq* and
M. Munir Ahmed Rabbani
B.S. Abdur Rahman University,
Chennai, India
Email: atheeq.prof@gmail.com
Email: marabbani@bsauniv.ac.in
*Corresponding author
Abstract: Integrated Internet MANET (IIM) is a network which is formed by the interconnection of
the internet and mobile ad hoc network. IIM suffers from many security issues due to open wireless
medium and lack of mutual authentication. Mutual authenticated key agreement technique is used to
securely agree on session key between communicating entities. In order to provide mutual
authentication between mobile node and a fixed node in IIM, one must overcome two problems i.e.
key management and computational cost. The strength of any security algorithm depends on its key
management technique. We propose a method to provide mutual authentication between
communicating entities using chaos theory. It overcomes the key management cost by avoiding
modular exponentiation and scalar multiplications. Through extensive simulation analysis, we
conclude that the proposed method provides a better approach towards security and protection of
data from malicious nodes with minimum overhead in IIM.
Keywords: integration; mutual authentication; chaotic maps; security; gateway; MANET.
Reference to this paper should be made as follows: Atheeq, C. and Rabbani, M.M.A. (2017)
‘Mutually authenticated key agreement protocol based on chaos theory in integration of internet
and MANET’, Int. J. Computer Applications in Technology, Vol. 56, No. 4, pp.309–318.
Biographical notes: C. Atheeq received his BTech in CSE in 2009 and MTech in SE in 2012
from JNTU Hyderabad. He is currently pursuing PhD under the direction of Prof. M. Munir
Ahmed Rabbani from B.S. Abdur Rahman University, Chennai. His primary research work is
security under Internet MANET Integration. He is currently working as Assistant Professor in
Deccan College of Engineering and Technology affiliated to Osmania University, Hyderabad,
India. He has guided many BTech and MTech students for their academic projects.
M. Munir Ahmed Rabbani has received his MSc degree in Mathematics from Madurai Kamaraj
University, Madurai, MPhil degree in Mathematics from Alagappa University, Karaikudi, in 1986
and 1990 respectively, and the MCA degree from Bharathidasan University, Trichi, in 2001. He
received the PhD degree from Anna University in 2009. Presently he is working as a Professor in
the School of Computer, Information and Mathematical Sciences, B.S. Abdur Rahman University,
Chennai. His research interests include biometric systems, image processing, applications of face
recognition to computer vision and pattern recognition problems and computer graphics.
1 Introduction
A Mobile Ad hoc Network (MANET) is a set of autonomous
mobile nodes without any infrastructure, self-configurable
wireless network (Melaku et al., 2015). MANETs are
considered useful in the domain where infrastructure-based
communications are not available readily. Each node in a
system goes about as a router to deliver packets to next node.
From existing system-related situations, plainly utilisation of
MANET is exceptionally uncommon when contrasted and
different wireless communication advances. So as to give
web administrations to the mobile nodes in the MANETs
while improving the application area of MANET in future
wireless systems, it is important that the MANET ought to be
associated with the web. Many research works (Sumathi et al.,
2015; Abduljalil and Bodhe, 2007; Sivakami and Shanmugavel,
2011; Ding, 2008; Dosaranian-Moghadam and Bakhshi,
2012; Khan et al., 2011; Jisha et al., 2016) concentrate on
coordinating MANET with other kinds of systems to lessen
the cost of correspondence, additionally essential to give
information uprightness between a fixed node and mobile
node. Past works on Green Communication, Internet of
Things, Machine-To-Machine Networks, and Device-to-
Device communication demonstrate a positive approach
towards infrastructure-less network like MANET to be
incorporated into their design (Khan et al., 2011). The
310 C. Atheeq and M.M.A. Rabbani
integration connects more elements to both MANETs and
internet (Jisha et al., 2016). To associate a mobile node with
the external world, it needs to select a gateway by utilising
any of the three existing approaches that are designed for
discovering gateway specifically proactive, reactive and
hybrid (Sivakumar and Manoharan, 2015; Rai et al., 2010). In
proactive approach, gateway advertisement messages are
periodically broadcast for finding out and registering
the new nodes that are coming in the range of network.
In reactive approach, the new mobile nodes that are entering
the network send a request message to find out gateway
and register with it. In hybrid approach, gateway sends
advertisement messages and mobile node sends a request
message simultaneously.
Normally, a mobile node can get access to internet services
that are under the coverage of gateway, and the nodes which
are not in the range of gateway can access internet by the use of
multi-hop routing to outreach the gateway through other
mobile node as shown in Figure 1. The integration attaches
additional features for MANETs as well as internet.
Scope territory of MANET can be reached without losing
associations and give portability bolster amongst isolated and
blended MANETs utilising different gateways. The integrated
engineering supports a diminishing quantity of base stations
and enhancing scope to achieve dead spots. There might be a
few malevolent users who discard the data that is going
through gateway. The source might be ignorant of the nearness
of these kinds of nodes that may change the information. So
such kind of getting into mischief nodes ought to be recognised
in the MANETs and furthermore guarantees determination of a
legitimate gateway node.
Figure 1 Internet MANET integration
To convey security, the most essential, straightforward and
helpful pre-imperative is the ‘Mutual Authenticated Key
Agreement’ technique. Mutual Authenticated Key Agreement
is a procedure where two imparting nodes in a system
framework authenticates with one another and shares a secret
key among them as a part of data shared by one another. This
is an essential need to protect the framework environment
from malevolent nodes that ensures the private session key is
set up connecting two nodes.
1.2 Need for security in IIM
Security is required in the integrated MANET-internet
environment because it provides more decentralised entry
points for malware. Integrating MANETs with internet results
in heterogeneous network that creates more complexity and
new security risks in IIM. Except to see many different
techniques and vendors addressing these issues with policy-
driven approaches to security and provisioning, most of the
research works by Xi and Bettstetter (2002), Rai et al. (2010),
Ramanarayana and Jacob (2007), and Diffie and Hellman
(1976) have focused on preventing data from malicious nodes
in MANET-internet communication and the infrastructure
networks based on IP. Selecting authenticated nodes in
IIM for data forwarding from mobile node to fixed node
through the gateway is difficult and lacks performance in
integrated networks. So we have to consider the security for
authenticating mobile nodes with the fixed nodes in IIM.
When all said is done, assaults on internet connectivity
are brought about by malevolent nodes which may adjust,
discard or produce the packets identified with mobile IP,
registration request or reply to disturb the worldwide
internet network. Some of the possible attacks on IIM are as
follows:
Bogus Registration: A bogus registration is an active
attack in which an attacker does a registration with a bogus
care-of address by masquerading itself as someone else.
Replay Attack: If the valid data transmission is maliciously
delayed then it causes a replay attack. This is completed
either by the originator or by a foe who blocks the
information and retransmits it.
Forged FA: A node advertising itself as a fake foreign
agent causing the mobile nodes to register with it leads to
an attack known as forged foreign agent. Presently, forged
FA can catch the delicate system information and may
upset the best possible working of the network.
Impersonation attack: If in an attack, an adversary
completely considers the identity of a false node in the
network, then it leads to impersonation attack.
Man-in-the-middle attack: In cryptography, if the
intruder secretly relays and interrupts the conversation
between the two nodes who think that they are
interacting directly then this leads to this attack.
Known-key security: It is defined as a protocol that can
secure the session keys from revealing to security
breach even if the past session keys are known by the
intenders.
Perfect forward secrecy: An authenticated multiple key
foundation protocol gives idealised forward mystery if the
trade-off of both of the nodes’ secret keys can’t bring
about the bargain of beforehand established session keys
Data integrity: This is said to be achieved if the data
sent by the source is not altered or modified in the
network by attackers and the data reaches the
destination safely.
Mutually authenticated key agreement protocol 311
Guessing attacks: In an off-line guessing attack, an
attacker guesses the secret key and verifies his/her guess,
but he/she does not need to participate in any
communication during the guessing phase. In an
undetectable on-line guessing attack, an attacker searches
to verify a guessed secret key in an on-line transaction and
a failed guess cannot be detected and logged by the server.
Session key security: A communication protocol exhibits
session key security if the session key cannot be obtained
without any long-term secrets.
Our proposed method provides authentication between MN
in MANET and FN in internet by sharing a secret session
key and also resolving the bogus registration, man in the
middle attack and known-key security.
The rest of the paper is organised as follows: section 2
describes work carried out towards security in IIM. Section 3
describes chaos theory and Chebyshev polynomials. Section 4
explains the proposed mechanism for mutual authentication
based on chaotic maps. Section 5 shows the results and
comparison with existing protocols. Al last we conclude the
paper in section 6.
2 Related work
The most challenging issue in IIM is deploying security as it
is integrated and with resource-constraint network. For
providing security in IIM, the big essential, forthright and
pertinent pre-requisite is to provide mutual authentication
between mobile node and fixed node. The network
environment is safeguarded from unauthorised users
through the process of authentication and assures that the
communicating nodes agree on the session key securely.
Mutual authentication in IIM is a security feature in which a
mobile node must prove its identity to fixed node and the
fixed node must prove its identity to mobile node, before
any data traffic is sent. As the network is integrated, the
mobile node has to first register with the gateway and then
authentication between mobile node and fixed node is
proved and verified.
In writing different confirmed key understanding
conventions are created in view of various cryptographic
strategies, for example, ECC, character based, RSA and
Diffie–Hellman issue. These protocols assist arranged in light
of various characteristics, for example, timestamp, secrecy
secret key, brilliant card and biometric. However these
conventions have two key qualifications: ID of vulnerabilities
and conquering the vulnerabilities by new strategies. Lately,
two gathering confirmed key assertion conventions grew
broadly in view of RSA and ECC given by Tahat (2016).
These conventions endure with overwhelming computational
overhead and are not appropriate for IIM compelled asset
environment.
Toradmalle et al. (2016) proposed a method to provide
data integrity in MANETs by symmetric key cryptography
incorporating in network layer. Major objective is to provide
security to data, when data is transfered between
communicating entities. This method provides the trust
management by data integrity and confidentiality. However,
major disadvantage of symmetric key cryptography is key
distribution in network. In MANETs due to mobility and
constraint resources key distribution is very much challenging
task. Thus, in this work we propose a method to establish
secret key between communicating entities. Moreover in
literature two techniques are used to provide mutual
authenticated key agreement in MANETs, but these
approaches are computationally expensive in comparison with
chaotic maps given by Zhu (2015). Thus, we use the chaotic
maps to provide mutual authenticated key agreement for IIM.
In this work, we propose a mutual authenticated key
agreement protocol for IIM based on chaotic maps by
sharing the password in a secure channel. The significant
commitment of the work is key management and
computational cost. As per best of our knowledge we are the
first to employ the authenticated key agreement protocol for
IIM. Moreover our method is chaotic map based, which has
less overhead in comparison with RSA & ECC.
3 Chaos theory
With the fast improvement of chaotic concept identified
with cryptography (Khan et al., 2013; Hussain et al., 2013;
Hussain et al., 2012; Behnia et al., 2007; Xiao et al., 2005;
Baptista, 1998), large amounts of key management protocols
that uses chaos theory are analysed strongly. Depending
upon the number of users, the protocols that use chaos
concept can be seen in three types: key agreement protocols
for authentication with two-tier, three-tier and multi-tier
architectures (Özkaynak and Yavuz, 2013; Guo and Zhang,
2010; Xie et al., 2013; Gong et al., 2012; Tseng et al., 2009;
Niu and Wang, 2011; Xue and Hong, 2012; Yoon, 2012;
Tan, 2013; Lee and Hsu, 2013; Guo and Chang, 2013;
Wang and Zhao, 2010; Yoon and Jeon, 2011; Lai et al.,
2012; Zhao et al., 2013; Lee et al., 2013; Lai et al., 2014;
Wu et al., 2013). Novel security properties and enhancing
the proficiency are observed in works proposed by Tseng
et al. (2009) and Niu and Wang (2011). As of late, the key
management technique for authentication based on
password for three-tier architecture utilising modular
exponentiation on an elliptic curve is broadly presented by
Lai et al. (2014) and Wu et al. (2013). In any case, these
plans require substantial calculation weights and even latest,
the exploration is still stay on key management scheme for
authentication on three-tier architecture.
Our work aims to accomplish protective communication
with security objective authentication as it is the best approach
to accomplish trustworthiness and non-denial in information
correspondence between MN in MANET and FN in internet.
Chebyshev polynomial’s composition property presented by
Mason and Handscomb (2002) shows the theory of two
element key agreement idea which permits the imparting
elements to trade open keys via unprotected channel and
312 C. Atheeq and M.M.A. Rabbani
creates a common secret key among them. Methods proposed
by Zhu (2015), Zhen et al. (2014) and Cai et al. (2015) utilised
Chebyshev polynomial’s for key management to authentication
yet they accept that distribution of private data is via some safe
medium however it is constrained to MANET. Thus it inspires
us to develop another strategy to give key agreement for
mutual authentication in IIM.
3.1 Defining Chebyshev chaotic maps with its
properties
Assuming that the integer and variable are n and x respectively
in intervals [–1,1]. Chebyshev polynomial Tn(x):[–1,1] →
[–1,1] is defined as Tn(x) = cos(narccos(x)). Chebyshev
polynomial map Tn: R→R of degree n is defined using the
recurrent relation given by Lee et al. (2013) which is given in
equation (1):
12
*2 ,
nnn
Tx xT xT x
(1)
where n≥2, T0(x)=1, and T1(x)=x.
The first few Chebyshev polynomials are:
2
2
3
3
42
4
21,
43,
881,
Tx x
Tx x x
Tx x x
Semi-group property is an important property of Chebyshev
polynomials that is formed by satisfying equation (2) as
,rs rs
TTx T x (2)
An immediate consequence of this property is that
Chebyshev polynomials commute under composition in
equation (3).
rs sr
TTx TTx (3)
For improving privacy, Cai et al. (2015) proposed the semi-
group concept that influence Chebyshev polynomials given
in interval [–∞,+∞]. Improved Chebyshev chaotic maps are
utilised in developed mechanism as in equation (4):
12
2mod
nnn
Tx xT x T x N
(4)
where n≥2, x(–∞,+∞), and N is a large prime number.
Obviously their relation is represented in equation (5),
,rs r s s r
TxTTx TTx (5)
Definition 1: Semi-group property of Chebyshev polynomials:
11
1
cos cos cos
cos cos
rs
sr
sr
TTx rsx
rs x T x
TT x
Definition 2: Consider the parameters x and y, it’s difficult
to discover the whole numbers, such that Ts(x) = y. It is
called the Chaos Map Based Discrete Logarithmic Problem
(CMBDLP).
Definition 3: Considering x, Tr(x) and Ts(x), it’s difficult to
find Trs(x) = y. It is called the Chaos Map Based Diffie–
Hellman Problem (CMBDHP).
3.2 Hash function
The properties of hash function h:a→b in cryptosystem are
as follows:
1 The method
h accepts the data content of subjective
size as input and generates the data content digest of
non-variable size as output;
2 The method
h is uni-directional as provided a, which is
simple to calculate h(a)=b, nevertheless, provided b,
which is difficult to calculate h–1(b)=a;
3 Consider
a and its computing is not feasible to discover
a’ with the end goal that a’≠a, but h(a’)=h(a);
4 Calculations are not feasible to output the pair a, a’
with the end goal that a’≠a, but h(a’)=h(a).
3.3 Symmetric key algorithm
Symmetric key algorithm has three phases namely:
1 Key Generating Phase that deals with generation of a
random key (Kgen).
2 Encrypting Phase (E) which accepts the secret key (Kgen)
and the user program (P) in order to generate the cipher
text (C) and it can be represented as
.
gen
k
CE P
3 Decrypting Phase (D) which accepts cipher text (C) along
with the secret key (Kgen) in order to generate the original
text (P) and it can be represented as
.
gen
k
PD C
The definition and proofs of proposed key agreement protocol
and some of the resolved attacks are provided in Appendix A.
4 Proposed system
4.1 The proposed chaotic maps-based mutual
authenticated key agreement protocol with
secure password for IIM
In this work, the nodes that undergo communication are
mobile node (MN), gateway (G) and fixed node (FN). All
the nodes have ‘x’ as the public information. If a mobile
node wants to communicate with a fixed node, then it has to
get authenticated first with the gateway. In order to provide
mutual authentication between a mobile node in MANET
and a fixed node in internet, the gateway should first
authenticate whether the mobile node is authentic or a
malicious user. Later gateway provides mutual authentication
between mobile node and the fixed node to enhance the
security in IIM
Mutually authenticated key agreement protocol 313
In Figure 2, let MN be the source mobile node, GW be
the gateway and FN be the destination fixed node.
Assuming that the source MN is trustworthy and the
password is being shared in a secure channel, we are
eliminating the intermediate malicious nodes that affect the
integrity of data being transferred and minimising the
internal attacks through the secret key sharing mechanism
that is computed by Chebyshev polynomials. It is assumed
that the MN, GW and FN share the password in a secure
channel.
Figure 2 Session key establishment between mobile node and
fixed node
Step 1: GW selects a secret prime number as ‘g’ and
computes Tg(x) and sends it to the source MN along with its
identity IDg and public information x in the message m1.
1,,
gg
mIDxTx
Step 2: MN receives the message m1 from GW and calculates
Tm(x) by selecting a secret prime number as ‘m’ now the MN
has to generate the key Kmg as Kmg = (Tm(Tg(x))) then it
performs the hash functions for the values IDm, IDg, IDf, Tm(x)
and the password pwmf by performing XOR operations on
them as
,
mg m g f m mf
H H ID ID ID T x pw where IDm,
IDg and IDf are the identities of MN, GW, and FN that are
publicly available. Now the MN encrypts the resultant hash
value with the key Kmg as
mg
mg k mg
CEH finally it sends the
message into the GW that includes the identities of sender and
receiver along with the Tm(x) and cipher text as Cmg.
2,, ,
mfm mg
mIDIDTxC
Step 3: In order to check whether the intermediate MN is
authentic or malicious, the GW has to mutually authenticate
with the help of the key Kgm so it first generates the key Kgm
with the help of Tm(x) as Kgm=(Tg(Tm(x))) and then it
decrypts the cipher text Cmg with the key Kgm that results
Hmg as
.
gm
kmg mg
DC H Now the GW computes Hgm by
applying hash functions to the information it has as
g
mmgfmmf
H H ID ID ID T x pw now the GW verifies
Hgm and Hmg. If Hgm = Hmg, then the MN is mutually
authenticated. But we need to authenticate MN with FN. So
the GW interacts with FN by sending message m3.
3,, ,
gmg
mIDIDTxx
Step 4: The FN selects a secret prime number ‘f’ and computes
Tf(x), it finds its secret key Kfg as Kfg = (Tf(Tg(x))) then performs
hash function by XOR the information it has as
Hfg= H(
mg ff mf
I
DIDIDTxpw). Then the cipher text Cfg
is obtained by encrypting the resultant hash value Hfg by the
key Kfg as
.
fg
fg k fg
CEH Finally FN sends the message m4.
4,
ffg
mTxC
Step 5: The GW extracts Tf(x) and finds the key Kgf as
Kgf =(Tg(Tf(x))) with this key it decrypts the cipher text Cfg
in order to obtain the hash value as
gf
kfg fg
DC H now it
computes Hgf by applying hash function to the information it
has as
g
fmgffmf
H H ID ID ID T x pwand verifies
Hgf with Hfg. If Hgf = H
fg then it shares the information of
MN with the FN and vice versa in order to provide mutual
authentication between them. GW sends Tf(x) to MN and
Tm(x) to FN.
56
,
fm
mTxmTx
Step 6: The MN finds the key Kmf as Kmf = (Tm(Tf(x))), then it
again performs the hash functions on the information with it as
mf m g f f mf
H H ID ID ID T x pw and encrypts it with
the key Kmf as
.
mf
mf k mf
CEH Now it sends the encrypted
data Cmf to GW which is further forwarded to FN as the
message m7.
7mf
mC
Step 7: After receiving m5, the FN first competes the key Kfm
as Kfm = (Tf(Tm(x))), and decrypts the cipher text to obtain
the hash value as
.
fm
kmf mf
DC H Now it compares Hmf
with the computed value Hfm. If both are same then the MN
and FN are mutually authenticated.
The flow chart for working of proposed mechanism is
represented in Figure 3.
314 C. Atheeq and M.M.A. Rabbani
Figure 3 Mutual authentication between mobile node and fixed node through gateway
5 Performance analysis
We are using NS 2.34 simulator for analysing the
performance of the network scenario. The network
parameters of our simulations are shown in Table 1. In same
network environment we have implemented the existing
work proposed by Mohammad and Atheeq (2016), and
compared it with our proposed work. We calculated the
overhead and session key agreement time of proposed
model with respect to key size. Moreover our proposed
scheme is overcome with bogus registration, data integrity,
known-key security attack and man-in-the middle attack.
We further implemented the proposed work in NS2, as a
network scenario represented in Figure 4, in which mobile
nodes of MANETs and fixed nodes of infrastructure-based
network are connected by static gateway. Our authenticated
key agreement algorithm is applicable if a mobile node
in MANETs wants to communicate with fixed node in
infrastructure base network.
Table 1 Simulation parameters of IIM
Network parameters Values
Simulation duration 100 s
Number of nodes 20–50
Link layer Logical link
MAC 802.11
Mobility Random waypoint
Routing Reactive
Radio communication Random waypoint
Queue Drop-tail priority
Application CBR
Network area 1200 m × 1200 m
Mutually authenticated key agreement protocol 315
Figure 4 IIM simulation scenario
Comparison between RSA and chaotic map-based key
generation are shown in Figure 5. It demonstrates that
chaotic map-based technique provides less computational
overhead in comparison with RSA. As we increase the key
size, the time taken to generate the key also increases and in
the above figure, for the key size of 32 bits, RSA consumes
0.080058 s and the same size key when generated using
chaotic maps consumes 0.002699 s. So our proposed
protocols takes less time for generating key compared to
RSA.
Figure 5 Comparison of key size (bits) vs. time (seconds)
Figure 6 Computation overhead of existing models vs. proposed
model
In the existing security algorithms that are designed for
authenticated key agreement provides more overhead as in
Figure 6 when compared to the proposed model. In the
simulation scenario, as the number of nodes increases there
is less variation in proposed model whereas the traditional
and existing security algorithms have huge variations that
also degrade the performance of network.
Key management is an important aspect that allows
the source and destination nodes to agree on a session key.
Our proposed model consumes less time for managing the
key between mobile node and a fixed node in IIM and is
compared in Figure 7. The figure shows a slow start up at
initial nodes and as the mobile nodes increases, the key
management time gradually increases and the overall
performance of the proposed model is better than existing
algorithms.
Figure 7 Key management time vs. number of nodes
Since MANET and internet are integrated, there is a chance
that the attacks can occur at gateway as well as at the
MANET side so care has been taken to avoid some of the
attacks that are occurring in integrated internet MANET.
Thus we also used the primitive operation count to evaluate
the computation cost for performance calculation at mobile
node and fixed node that participate in key agreement.
However, our proposed method resolves the attacks such as
bogus registration, man-in-the-middle attack and known-key
security, at the same time it is less computationally costly than
integrated internet MANETs. It is important to achieve
effective network performance, as MANET has constrained
resources. Thus, compare to existing works presented by
Toradmalle et al. (2016) and Zhu (2015) our work is
computational quicker for generating secret keys.
6 Conclusion
This work presents the novel provably secure mutual
authenticated key agreement protocol based on chaotic
maps in the integration of internet and MANET. The
algorithm shows better performances compared to existing
RSA based mutual authenticated key agreement protocol
and is also robust against various security attacks in IIM.
The proposed method’s computational overhead is much less
316 C. Atheeq and M.M.A. Rabbani
compare to existing approaches, and is major factor in IIM,
as it has constrained resources. Secret keys computed by
chaotic maps could not be resolved by attackers within
polynomial time. Our work is more suitable for real time
applications, as it is based on symmetry at MANET’s nodes
and transparency at fixed nodes which are directly
connected to internet. Nodes in a network securely accruing
the password from secure channel, however in future work
password accruing method is based on biometric, so as to
provide effective security to IIM network.
References
Abduljalil, F.M. and Bodhe, S.K. (2007) ‘A survey of integrating IP
mobility protocols and mobile ad hoc networks’, IEEE
Communications Surveys & Tutorials, Vol. 9, No. 1, pp.14–30.
Baptista, M.S. (1998) ‘Cryptography with chaos’, Physics Letters
A, Vol. 240, No. 1, pp.50–54.
Behnia, S., Akhshani, A., Ahadpour, S., Mahmodi, H. and Akhavan,
A. (2007) ‘A fast chaotic encryption scheme based on piecewise
nonlinear chaotic maps’, Physics Letters A, Vol. 366, No. 4,
pp.391–396.
Cai, Z., Feng, Y., Zhang, J., Gan, Y. and Zhang, Q. (2015) ‘A
Chebyshev-map based one-way authentication and key
agreement scheme for multi-server environment’, International
Journal of Security and Its Applications, Vol. 9, No. 6,
pp.147–156.
Diffie, W. and Hellman, M. (1976) ‘New directions in cryptography’,
IEEE Transactions on Information Theory, Vol. 22, No. 6,
pp.644–654.
Ding, S. (2008) ‘A survey on integrating MANETs with the
internet: challenges and designs’, Computer Communications,
Vol. 31, No. 14, pp.3537–3551.
Dosaranian-Moghadam, M. and Bakhshi, H. (2012) ‘Tracking
mobile user through adaptive beamforming for wireless
cellular networks in a 2D urban environment’, Indian Journal
of Science and Technology, Vol. 5, No. 4, pp.2569–2577.
Gong, P., Li, P. and Shi, W. (2012) ‘A secure chaotic maps-based
key agreement protocol without using smart cards’, Nonlinear
Dynamics, Vol. 70, No. 4, pp.2401–2406.
Guo, C. and Chang, C.C. (2013) ‘Chaotic maps-based password-
authenticated key agreement using smart cards’, Communications
in Nonlinear Science and Numerical Simulation, Vol. 18, No. 6,
pp.1433–1440.
Guo, X. and Zhang, J. (2010) ‘Secure group key agreement protocol
based on chaotic hash’, Information Sciences, Vol. 180, No. 20,
pp.4069–4074.
Hussain, I., Shah, T. and Gondal, M.A. (2012) ‘A novel approach for
designing substitution-boxes based on nonlinear chaotic
algorithm’, Nonlinear Dynamics, Vol. 70, No. 3, pp.1791–1794.
Hussain, I., Shah, T., Gondal, M.A. and Mahmood, H. (2013) ‘An
efficient approach for the construction of LFT S-boxes using
chaotic logistic map’, Nonlinear Dynamics, Vol. 71, Nos. 1/2,
pp.133–140.
Jisha, G., Samuel, P. and Paul, V. (2016) ‘Role of gateways in
MANET integration scenarios’, Indian Journal of Science
and Technology, Vol. 9, No. 3.
Khan, J., Bojkovic, Z.S. and Marwat, M.I.K. (2011) ‘Emerging of
mobile ad-hoc networks and new generation technology for best
QOS and 5G technology’, Communication and Networking,
Springer, Berlin Heidelberg, pp.198–208.
Khan, M., Shah, T., Mahmood, H. and Gondal, M.A. (2013) ‘An
efficient method for the construction of block cipher with
multi-chaotic systems’, Nonlinear Dynamics, Vol. 71, No. 3,
pp.489–492.
Lai, H., Orgun, M.A., Xiao, J., Pieprzyk, J., Xue, L. and Yang, Y.
(2014) ‘Provably secure three-party key agreement protocol
using Chebyshev chaotic maps in the standard model’,
Nonlinear Dynamics, Vol. 77, No. 4, pp.1427–1439.
Lai, H., Xiao, J., Li, L. and Yang, Y. (2012) ‘Applying semigroup
property of enhanced Chebyshev polynomials to anonymous
authentication protocol’, Mathematical Problems in Engineering,
http://dx.doi.org/10.1155/2012/454823.
Lee, C.C. and Hsu, C.W. (2013) ‘A secure biometric-based remote
user authentication with key agreement scheme using
extended chaotic maps’, Nonlinear Dynamics, Vol. 71, Nos. 1/2,
pp.201–211.
Lee, C.C., Li, C.T. and Hsu, C.W. (2013) ‘A three-party password-
based authenticated key exchange protocol with user anonymity
using extended chaotic maps’, Nonlinear Dynamics, Vol. 73,
Nos. 1/2, pp.125–132.
Mason, J.C. and Handscomb, D.C. (2002) Chebyshev Polynomials,
CRC Press.
Melaku, H.M., Woldegebreal, D.H. and Raimond, K. (2015)
‘Investigating the effects of security attacks on the
performance of TCP variants and routing protocols in
MANET’, International Journal of Computer Applications in
Technology, Vol. 51, No. 3, pp.235–246.
Mohammad, A.A.K. and Atheeq, C. (2016) ‘Mutual authenticated
key agreement scheme for integrated internet MANETs’,
International Journal of Engineering Applied Sciences and
Technology, Vol. 1, No. 12, pp.25–28.
Niu, Y. and Wang, X. (2011) ‘An anonymous key agreement protocol
based on chaotic maps’, Communications in Nonlinear Science
and Numerical Simulation, Vol. 16, No. 4, pp.1986–1992.
Özkaynak, F. and Yavuz, S. (2013) ‘Designing chaotic S-boxes based
on time-delay chaotic system’, Nonlinear Dynamics, Vol. 74,
No. 3, pp.551–557.
Rai, A.K., Tewari, R.R. and Upadhyay, S.K. (2010) ‘Different types of
attacks on integrated MANET-Internet communication’,
International Journal of Computer Science and Security, Vol. 4,
No. 3, pp.265–274.
Ramanarayana, K. and Jacob, L. (2007) ‘Secure routing in integrated
mobile ad hoc network (MANET)-Internet’, Security, Privacy
and Trust in Pervasive and Ubiquitous Computing, SECPerU
2007, 3rd International Workshop on, IEEE, pp.19–24.
Sivakami, T. and Shanmugavel, S. (2011) ‘An overview of mobility
management and integration methods for heterogeneous
networks’, 2011 3rd International Conference on Advanced
Computing, IEEE, pp.41–45.
Sivakumar, T. and Manoharan, R. (2015) ‘OPRM: an efficient hybrid
routing protocol for sparse VANETs’, International Journal
of Computer Applications in Technology, Vol. 51, No. 2,
pp.97–104.
Sumathi, K., Kumar, K.S., Sathiyapriya, T. and Gowri, D.K.
(2015) ‘An investigation on the impact of weather modelling
on various MANET routing protocols’, Indian Journal of
Science and Technology, Vol. 8, No. 15.
Tahat, N. (2016) ‘Convertible multi-authenticated encryption
scheme with verification based on elliptic curve discrete
logarithm problem’, International Journal of Computer
Applications in Technology, Vol. 54, No. 3, pp.229–235.
Tan, Z. (2013) ‘A chaotic maps-based authenticated key agreement
protocol with strong anonymity’, Nonlinear Dynamics,
Vol. 72, Nos. 1/2, pp.311–320.
Mutually authenticated key agreement protocol 317
Toradmalle, D., Cherarajan, K., Shedage, M., Dogra, N. and
Gawde, S. (2016) ‘A secure protocol for trust management in
OLSR’, Proceedings of the 2nd International Conference on
Information and Communication Technology for Competitive
Strategies, ACM, p.51.
Tseng, H.R., Jan, R.H. and Yang, W. (2009) ‘A chaotic maps-
based key agreement protocol that preserves user anonymity’,
2009 IEEE International Conference on Communications,
IEEE, pp.1–6.
Wang, X. and Zhao, J. (2010) ‘An improved key agreement protocol
based on chaos’, Communications in Nonlinear Science and
Numerical Simulation, Vol. 15, No. 12, pp.4052–4057.
Wu, S., Chen, K., Pu, Q. and Zhu, Y. (2013) ‘Cryptanalysis and
enhancements of efficient three-party password-based key
exchange scheme’, International Journal of Communication
Systems, Vol. 26, No. 5, pp.674–686.
Xi, J. and Bettstetter, C. (2002) ‘Wireless multihop internet access:
gateway discovery, routing, and addressing’, Routing, and
Addressing, Proc. World Wireless Congress.
Xiao, D., Liao, X. and Wong, K.W. (2005) ‘An efficient entire
chaos-based scheme for deniable authentication’, Chaos,
Solitons & Fractals, Vol. 23, No. 4, pp.1327–1331.
Xie, Q., Zhao, J. and Yu, X. (2013) ‘Chaotic maps-based three-
party password-authenticated key agreement scheme’,
Nonlinear Dynamics, Vol. 74, No. 4, pp.1021–1027.
Xue, K. and Hong, P. (2012) ‘Security improvement on an anonymous
key agreement protocol based on chaotic maps’, Communications
in Nonlinear Science and Numerical Simulation, Vol. 17, No. 7,
pp.2969–2977.
Yoon, E.J. (2012) ‘Efficiency and security problems of anonymous
key agreement protocol based on chaotic maps’, Communications
in Nonlinear Science and Numerical Simulation, Vol. 17, No. 7,
pp.2735–2740.
Yoon, E.J. and Jeon, I.S. (2011) ‘An efficient and secure Diffie–
Hellman key agreement protocol based on Chebyshev chaotic
map’, Communications in Nonlinear Science and Numerical
Simulation, Vol. 16, No. 6, pp.2383–2389.
Zhao, F., Gong, P., Li, S., Li, M. and Li, P. (2013) ‘Cryptanalysis and
improvement of a three-party key agreement protocol using
enhanced Chebyshev polynomials’, Nonlinear Dynamics,
Vol. 74, Nos. 1/2, pp.419–427.
Zhen, P., Zhao, G., Min, L. and Li, X. (2014) ‘Key agreement protocol
based on extended chaotic maps with anonymous authentication’,
Chaotic Modeling and Simulation, Vol. 3, pp.221–231.
Zhu, H. (2015) ‘Flexible and password-authenticated key
agreement scheme based on chaotic maps for multiple servers
to server architecture’, Wireless Personal Communications,
Vol. 82, No. 3, pp.1697–1718.
Appendix A: Security proof of the proposed
protocol
1 Mutually authenticated key agreement protocol
Definition: If two nodes authenticate with one another
properly and at the same time gaining the session key is
known as mutually authenticated key agreement
Theorem: The proposed protocol can achieve mutual
authentication and key agreement.
Proof:
Phase 1: In order to authenticate MN with FN, the GW has
to authenticate the MN with it as it acts as a bridge between
them. So the MN and GW by sharing the public
information, they generate their secret keys as Kmg and Kgm
where ‘m’ and ‘g’ are known to MN and GW respectively,
and through which the MN encrypt the hash value Hgm and
decrypt the messages. If the malicious node access the cipher
text it cannot extract the plain text as the values ‘m’ and ‘g’ are
known to themselves only, they are not maintained publicly.
Phase 2: now the MN should be authenticated by the FN. So
they generate their secret keys as Kmf and Kfm respectively
such that mobile node encrypts with Kmf and FN decrypts
with the key Kfm and obtains the equal results. As the values
of ‘m’ and ‘f’ are known only to themselves, the intruder
will not be able to decrypt the text. The brief scenario is
given in Figure A1.
Figure A1 Mutual authentication through gateway
2 Bogus registration
Definition. This occurs when a malicious MN does a fake
registration by spoofing an IP address to masquerade itself as
someone else. A bogus registration may cause a wrong
mobility binding so that all packets are tunnelled to malicious
MN rather than correct MN. By a bogus registration, the
attacker obtains the right to access the internet and can
implement further attacks on internet.
Theorem. The proposed protocol prevents from bogus
registration.
318 C. Atheeq and M.M.A. Rabbani
Proof: In proposed system registration of MN is done through
authentication process in which MN uses secret prime number
for authentication purpose. The MN does not share the secret
prime number even in secure channel. So it is impossible for an
attacker to masquerade itself with other MN.
3 Man-in-the-middle attack
Definition. The man-in-the-middle attack is an attack where the
attacker secretly relays and possibly alters the communication
between two parties who believe they are directly communicating
with each other.
Theorem: The proposed protocol can resist Man-in-the-
middle attack.
Proof: The paper on one side assumes all that the password
is shared through secured medium. On the opposite side, our
method has effectively validated (in Figure 3) each other
among mobile nodes, gateway and fixed node in view of
these secrets. Thus attacker has no chance to relay and alters
the communication between MN and FN.
4 Known-key security
Definition: The process of shielding the resulting session
keys from uncovering regardless of the possibility that the
past session keys are uncovered by the intenders is said to
be Known-key security.
Theorem: The known key security can be proved by our
new technique.
Proof : As the session key SK = H(Tm, Tf (x))= H(Tf, Tm(x))
is relied on upon the irregular prime numbers m and f, and
the era of key is autonomous in all phases, an enemy can’t
process the past and the future session keys when the enemy
has one session key. What’s more, in the private upgrade
stage and only once session key is utilised, so it has known
key security trait.
