Cryptology ePrint Archive: Report 2014/589

Authenticated Key Exchange from Ideal Lattices

Jiang Zhang and Zhenfeng Zhang and Jintai Ding and Michael Snook and Özgür Dagdelen

Abstract: Authenticated key exchange (AKE) protocols, such as IKE and SSL/TLS, have been widely used to ensure secure communication over the Internet. We present in this paper a practical and provably secure AKE protocol from ideal lattices, which is conceptually simple and has similarities to the Diffie-Hellman based protocols such as HMQV (CRYPTO 2005) and OAKE (CCS 2013). Our protocol does not rely on other cryptographic primitives---in particular, it does not use signatures---simplifying the protocol and resting the security solely on the hardness of the ring learning with errors (RLWE) problem. The security is proven in a version of the Bellare-Rogaway model, with enhancements to capture weak Perfect Forward Secrecy. We also present concrete choices of parameters for different security levels. A proof-of-concept implementation shows our protocol is a practical candidate post-quantum key exchange protocol.

Category / Keywords: Authenticaed Key Exchange, RLWE, HQMV

Date: received 29 Jul 2014, last revised 30 Sep 2014

Contact author: jintai ding at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20140930:143444 (All versions of this report)

Short URL: ia.cr/2014/589

Discussion forum: Show discussion | Start new discussion