Paper 2022/770
Password-Authenticated Key Exchange from Group Actions
Abstract
We present two provably secure password-authenticated key exchange (PAKE) protocols based on a commutative group action. To date the most important instantiation of isogeny-based group actions is given by CSIDH. To model the properties more accurately, we extend the framework of cryptographic group actions (Alamati et al., ASIACRYPT 2020) by the ability of computing the quadratic twist of an elliptic curve. This property is always present in the CSIDH setting and turns out to be crucial in the security analysis of our PAKE protocols.
Despite the resemblance, the translation of Diffie-Hellman based PAKE protocols to group actions either does not work with known techniques or is insecure ("How not to create an isogeny-based PAKE", Azarderakhsh et al., ACNS 2020). We overcome the difficulties mentioned in previous work by using a "bit-by-bit" approach, where each password bit is considered separately.
Our first protocol
Metadata
- Available format(s): PDF
- Category: Cryptographic protocols
- Publication info: Preprint.
- Keywords: isogenies, group actions, password-authenticated key exchange, post-quantum cryptography
- Contact author(s):
  - michel abdalla @ ens fr
  - thorsten eisenhofer @ rub de
  - eike kiltz @ rub de
  - sabrina kunzweiler @ rub de
  - doreen riepel @ rub de
- History:
  - 2022-06-16: approved
  - 2022-06-15: received
- Short URL: https://ia.cr/2022/770
- License: CC BY
BibTeX
@misc{cryptoeprint:2022/770,
  author = {Michel Abdalla and Thorsten Eisenhofer and Eike Kiltz and Sabrina Kunzweiler and Doreen Riepel},
  title = {Password-Authenticated Key Exchange from Group Actions},
  howpublished = {Cryptology {ePrint} Archive, Paper 2022/770},
  year = {2022},
  url = {https://eprint.iacr.org/2022/770}
}