Paper 2016/552

Provably Secure Password Authenticated Key Exchange Based on RLWE for the Post-QuantumWorld

Jintai Ding, Saed Alsayigh, Jean Lancrenon, Saraswathy RV, and Michael Snook

Abstract

Authenticated Key Exchange (AKE) is a cryptographic scheme with the aim to establish a high-entropy and secret session key over a insecure communications network. \emph{Password}-Authenticated Key Exchange (PAKE) assumes that the parties in play share a simple password, which is cheap and human-memorable and is used to achieve the authentication. PAKEs are practically relevant as these features are extremely appealing in an age where most people access sensitive personal data remotely from more-and-more pervasive hand-held devices. Theoretically, PAKEs allow the secure computation and authentication of a high-entropy piece of data using a low-entropy string as a starting point. In this paper, we apply the recently proposed technique introduced in~\cite{DXX2012} to construct two lattice-based PAKE protocols enjoying a very simple and elegant design that is an parallel extension of the class of Random Oracle Model (ROM)-based protocols \msf{PAK} and \msf{PPK}~\cite{BMP2000,M2002}, but in the lattice-based setting. The new protocol resembling \msf{PAK} is three-pass, and provides \emph{mutual explicit authentication}, while the protocol following the structure of \msf{PPK} is two-pass, and provides \emph{implicit authentication}. Our protocols rely on the Ring-Learning-with-Errors (RLWE) assumption, and exploit the additive structure of the underlying ring. They have a comparable level of efficiency to \msf{PAK} and \msf{PPK}, which makes them highly attractive. We present a preliminary implementation of our protocols to demonstrate that they are both efficient and practical. We believe they are suitable quantum safe replacements for \msf{PAK} and \msf{PPK}.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
Diffie-HellmanKey ExchangeAuthenticatedPAKERLWE
Contact author(s)
jintai ding @ gmail com
alsayisd @ gmail com
History
2016-06-02: received
Short URL
https://ia.cr/2016/552
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/552,
      author = {Jintai Ding and Saed Alsayigh and Jean Lancrenon and Saraswathy RV and Michael Snook},
      title = {Provably Secure Password Authenticated Key Exchange Based on RLWE for the Post-QuantumWorld},
      howpublished = {Cryptology ePrint Archive, Paper 2016/552},
      year = {2016},
      note = {\url{https://eprint.iacr.org/2016/552}},
      url = {https://eprint.iacr.org/2016/552}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.