Cryptology ePrint Archive: Report 2017/1196

Post-Quantum Secure Remote Password Protocol from RLWE Problem

Xinwei Gao and Jintai Ding and Jiqiang Liu and Lin Li

Abstract: Secure Remote Password (SRP) protocol is an augmented Password-based Authenticated Key Exchange (PAKE) protocol based on discrete logarithm problem (DLP) with various attractive security features. Compared with basic PAKE protocols, SRP does not require server to store user's password and user does not send password to server to authenticate. These features are desirable for secure client-server applications. SRP has gained extensive real-world deployment, including Apple iCloud, 1Password etc. However, with the advent of quantum computer and Shor's algorithm, classic DLP-based public key cryptography algorithms are no longer secure, including SRP. Motivated by importance of SRP and threat from quantum attacks, we propose a RLWE-based SRP protocol (RLWE-SRP) which inherit advantages from SRP and elegant design from RLWE key exchange. We also present parameter choice and efficient portable C++ implementation of RLWE-SRP. Implementation of our 209-bit secure RLWE-SRP is more than 3x faster than 112-bit secure original SRP protocol, 5.5x faster than 80-bit secure J-PAKE and 14x faster than two 184-bit secure RLWE-based PAKE protocols with more desired properties.

Category / Keywords: cryptographic protocols / Post-quantum, RLWE, SRP, PAKE, Protocol, Implementation

Original Publication (in the same form): 13th China International Conference on Information Security and Cryptology (INSCRYPT 2017)

Date: received 12 Dec 2017

Contact author: xinwei gao 7 at yandex com

Available format(s): PDF | BibTeX Citation

Version: 20171218:193806 (All versions of this report)

Short URL: ia.cr/2017/1196


[ Cryptology ePrint archive ]