Quantum-Resistant Password-Based Threshold Single-Sign-On Authentication with Updatable Server Private Key

Jingwei Jiang; Ding Wang; Guoyin Zhang; Zhiyuan Chen

Paper 2022/989

Quantum-Resistant Password-Based Threshold Single-Sign-On Authentication with Updatable Server Private Key

Jingwei Jiang

, Harbin Engineering University

Ding Wang

, Nankai University

Guoyin Zhang, Harbin Engineering University

Zhiyuan Chen, Harbin Engineering University

Abstract

Passwords are the most prevalent authentication mechanism and proliferate on nearly every new web service. As users are overloaded with the tasks of managing dozens even hundreds of passwords, accordingly password-based single-sign-on (SSO) schemes have been proposed. In password-based SSO schemes, the authentication server needs to maintain a sensitive password file, which is an attractive target for compromise and poses a single point of failure. Hence, the notion of password-based threshold authentication (PTA) system has been proposed. However, a static PTA system is threatened by perpetual leakage (e.g., the adversary perpetually compromises servers). In addition, most of the existing PTA schemes are built on the intractability of conventional hard problems and become insecure in the quantum era. In this work, we first propose a threshold oblivious pseudorandom function (TOPRF) to harden the password so that PTA schemes can resist offline password guessing attacks. Then, we employ the threshold homomorphic aggregate signature (THAS) over lattices to construct the first quantum-resistant password-based threshold single-sign-on authentication scheme with the updatable server private key. Our scheme resolves various issues arising from user corruption and server compromise, and it is formally proved secure against quantum adversaries. Comparison results show that our scheme is superior to its counterparts.

Note: V2

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Preprint.
Keywords: Password Single-Sign-On Threshold Authentication Oblivious Pseudorandom Function Lattice.
Contact author(s): jiangjingwei @ hrbeu edu cn
wangding @ nankai edu cn
zhangguoyin @ hrbeu edu cn
chenzhiyuan @ hrbeu edu cn
History: 2022-08-03: revised; 2022-08-02: received; See all versions
Short URL: https://ia.cr/2022/989
License: CC BY-NC-ND

BibTeX

@misc{cryptoeprint:2022/989,
      author = {Jingwei Jiang and Ding Wang and Guoyin Zhang and Zhiyuan Chen},
      title = {Quantum-Resistant Password-Based Threshold Single-Sign-On Authentication with Updatable Server Private Key},
      howpublished = {Cryptology ePrint Archive, Paper 2022/989},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/989}},
      url = {https://eprint.iacr.org/2022/989}
}