Two-Round Password-Based Authenticated Key Exchange from Lattices

Password-based authenticated key exchange (PAKE) allows participants sharing low-entropy passwords to agree on cryptographically strong session keys over insecure networks. In this paper, we present two PAKE protocols from lattices in the two-party and three-party settings, respectively, which can r...

Full description

Saved in:
Bibliographic Details
Published inWireless communications and mobile computing Vol. 2020; no. 2020; pp. 1 - 13
Main Authors Qu, Tongzhou, Song, Yuanming, Guo, Yuanbo, Yin, Anqi, Fang, Chen
Format Journal Article
LanguageEnglish
Published Cairo, Egypt Hindawi Publishing Corporation 2020
Hindawi
Hindawi Limited
Subjects
Algorithms
Authentication
Communication
Communications systems
Cryptography
Efficiency
Encryption
Exchanging
Lattices
Passwords
Protocol (computers)
Public Key Infrastructure
Online AccessGet full text

Cover

More Information
Summary:Password-based authenticated key exchange (PAKE) allows participants sharing low-entropy passwords to agree on cryptographically strong session keys over insecure networks. In this paper, we present two PAKE protocols from lattices in the two-party and three-party settings, respectively, which can resist quantum attacks and achieve mutual authentication. The protocols in this paper achieve two rounds of communication by carefully utilizing the splittable properties of the underlying primitive, a CCA (Chosen-Ciphertext Attack)-secure public key encryption (PKE) scheme with associated nonadaptive approximate smooth projection hash (NA-ASPH) system. Compared with other related protocols, the proposed two-round PAKE protocols have relatively less communication and computation overhead. In particular, the two-round 3PAKE is more practical in large-scale communication systems.
ISSN:1530-8669
1530-8677
DOI:10.1155/2020/8893628