Paper 2016/435
The Whole is Less than the Sum of its Parts: Constructing More Efficient Lattice-Based AKEs
Rafael del Pino, Vadim Lyubashevsky, and David Pointcheval
Abstract
Authenticated Key Exchange (AKE) is the backbone of internet security protocols such as TLS and IKE. A recent announcement by standardization bodies calling for a shift to quantum-resilient crypto has resulted in several AKE proposals from the research community. Because AKE can be generically constructed by combining a digital signature scheme with public key encryption (or a KEM), most of these proposals focused on optimizing the known KEMs and left the authentication part to the generic combination with digital signatures.\
In this paper, we show that by simultaneously considering the secrecy and authenticity requirements of an AKE, we can construct a scheme that is more secure and with smaller communication complexity than a scheme created by a generic combination of a KEM with a signature scheme. Our improvement uses particular properties of lattice-based encryption and signature schemes and consists of two parts -- the first part increases security, whereas the second reduces communication complexity.
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. Major revision. SCN 2016
- Keywords
- Lattice cryptographyAuthenticated Key Exchange
- Contact author(s)
- vadim lyubash @ gmail com
- History
- 2016-06-28: revised
- 2016-05-04: received
- See all versions
- Short URL
- https://ia.cr/2016/435
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2016/435, author = {Rafael del Pino and Vadim Lyubashevsky and David Pointcheval}, title = {The Whole is Less than the Sum of its Parts: Constructing More Efficient Lattice-Based {AKEs}}, howpublished = {Cryptology {ePrint} Archive, Paper 2016/435}, year = {2016}, url = {https://eprint.iacr.org/2016/435} }