Chaotic map based key agreement with/out clock synchronization

In order to address Bergamo et al.'s attack, Xiao et al. proposed a key agreement protocol using chaotic maps. Han then presented three attacks on Xiao et al.'s protocol. To enhance the security of key agreement based on chaotic maps, Chang et al. proposed a new key agreement using passphrase, which works in clock synchronization environment. However, their protocol still has some issues: one is its passphrase is not easy to remember and much longer than password; the second one is it cannot resist guessing attack if the constructed passphrase is easy to remember and also has already existed in some rational dictionaries; the third one is it cannot work without clock synchronization. In this paper, we will present two different key agreement protocols, which can resist guessing attack. The first one works in clock synchronization environment. The second one can work without clock synchronization. They both use authenticated password for secure communications. The protocols are secure against replaying attacks and a shared session key can be established.