Paper 2023/823

Lattice-based Authenticated Key Exchange with Tight Security

Jiaxin Pan, Norwegian University of Science and Technology
Benedikt Wagner, CISPA Helmholtz Center for Information Security, Saarland University
Runzhi Zeng, Norwegian University of Science and Technology
Abstract

We construct the first tightly secure authenticated key exchange (AKE) protocol from lattices. Known tight constructions are all based on Diffie-Hellman-like assumptions. Thus, our protocol is the first construction with tight security from a post-quantum assumption. Our AKE protocol is constructed tightly from a new security notion for key encapsulation mechanisms (KEMs), called one-way security against checkable chosen-ciphertext attacks (OW- ChCCA). We show how an OW-ChCCA secure KEM can be tightly constructed based on the Learning With Errors assumption, leading to the desired AKE protocol. To show the usefulness of OW-ChCCA security beyond AKE, we use it to construct the first tightly bilateral selective-opening (BiSO) secure PKE. BiSO security is a stronger selective-opening notion proposed by Lai et al. (ASIACRYPT 2021).

Note: Minor Editorial Changes

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
A minor revision of an IACR publication in CRYPTO 2023
Keywords
Authenticated Key ExchangeLatticesTight SecuritySelective-Opening SecurityRandom Oracle
Contact author(s)
jiaxin pan @ ntnu no
benedikt wagner @ cispa de
runzhi zeng @ ntnu no
History
2023-06-07: last of 2 revisions
2023-06-02: received
See all versions
Short URL
https://ia.cr/2023/823
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/823,
      author = {Jiaxin Pan and Benedikt Wagner and Runzhi Zeng},
      title = {Lattice-based Authenticated Key Exchange with Tight Security},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/823},
      year = {2023},
      url = {https://eprint.iacr.org/2023/823}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.