Paper 2022/718

A Post-Quantum Four-Party Outsourced Authentication

Reza Ghasemi, Bu-Ali Sina University
Alptekin Küpçü, Koç University
Abstract

In this paper, for the first time, we consider a four-party scenario, where a \textit{customer} holding a smart card wants to authenticate herself to a \textit{server}, which employs a \textit{cloud database} to verify the customer. The customers initially register with the \textit{manager}. The manager outsources the processed registration data to a cloud database. Then, the customer only interacts with the server for authentication purposes. The server employs the help of the cloud database during authentication. In addition to the security of the authentication, privacy is another goal, where the cloud should not learn which customer is interacting with which server. We consider several different threat models and provide secure and efficient generic solutions as well as a post-quantum secure solution.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
outsourced authentication lattice-based cryptography post-quantum security
Contact author(s)
r ghasemi @ basu ac ir
akupcu @ ku edu tr
History
2022-06-06: approved
2022-06-06: received
See all versions
Short URL
https://ia.cr/2022/718
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2022/718,
      author = {Reza Ghasemi and Alptekin Küpçü},
      title = {A Post-Quantum Four-Party Outsourced Authentication},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/718},
      year = {2022},
      url = {https://eprint.iacr.org/2022/718}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.