Paper 2023/1334

A Generic Construction of Tightly Secure Password-based Authenticated Key Exchange

Jiaxin Pan, Norwegian University of Science and Technology
Runzhi Zeng, Norwegian University of Science and Technology
Abstract

We propose a generic construction of password-based authenticated key exchange (PAKE) from key encapsulation mechanisms (KEM). Assuming that the KEM is oneway secure against plaintext-checkable attacks (OW-PCA), we prove that our PAKE protocol is \textit{tightly secure} in the Bellare-Pointcheval-Rogaway model (EUROCRYPT 2000). Our tight security proofs require ideal ciphers and random oracles. The OW-PCA security is relatively weak and can be implemented tightly with the Diffie-Hellman assumption, which generalizes the work of Liu et al. (PKC 2023), and ``almost'' tightly with lattice-based assumptions, which tightens the security loss of the work of Beguinet et al. (ACNS 2023) and allows more efficient practical implementation with Kyber. Beyond these, it opens an opportunity of constructing tight PAKE based on various assumptions.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
A minor revision of an IACR publication in ASIACRYPT 2023
Keywords
Password-based key exchangegeneric constructionstight securitylattices
Contact author(s)
jiaxin pan @ ntnu no
runzhi zeng @ ntnu no
History
2023-09-08: approved
2023-09-07: received
See all versions
Short URL
https://ia.cr/2023/1334
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1334,
      author = {Jiaxin Pan and Runzhi Zeng},
      title = {A Generic Construction of Tightly Secure Password-based Authenticated Key Exchange},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1334},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1334}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.