Cryptology ePrint Archive: Report 2014/589

Authenticated Key Exchange from Ideal Lattices

Jiang Zhang and Zhenfeng Zhang and Jintai Ding and Michael Snook

Abstract: Authenticated key exchange (AKE) protocols, such as IKE and SSL/TLS, have been widely used to ensure secure communication over the Internet. We present in this paper a practical and provably secure AKE protocol from ideal lattices, which is conceptually simple and has similarities to the Diffie-Hellman based protocols such as HMQV (CRYPTO 2005) and OAKE (CCS 2013). Our protocol does not rely on other cryptographic primitives—in particular, it does not use signatures—simplifying the protocol and resting the security solely on the hardness of the ring learning with errors (RLWE) problem. The security is proven in a version of the Bellare-Rogaway model, with enhancements to capture weak Perfect Forward Secrecy. We also present concrete choices of parameters for different security levels. A proof-of-concept implementation shows our protocol is a practical candidate post-quantum key exchange protocol.

Category / Keywords: public-key cryptography, Authenticated Key Exchange, RLWE, HMQV

Date: received 29 Jul 2014, last revised 17 Aug 2014

