后量子基于验证元的三方口令认证密钥交换协议

doi:10.11959/j.issn.1000-436x.2022062

Abstract

Abstract:

In view of the fact that server stored the passwords directly in plaintext, there was a risk of server compromise, and two-party PAKE protocol was not suitable for large-scale communication systems, a three-party verifier-based password authenticated key exchange protocol from lattices was proposed.Hashing scheme and zero-knowledge password policy check were combined to realize the generation of verifier and the password checking.A novel verifier-based 3PAKE protocol was constructed by using CCA-secure public-key encryption from lattices, which realized mutual authentication.Security and performance analysis shows that the proposed protocol has better advantages in communication efficiency and security.

Key words: three-party key exchange, password authentication, verifier, lattice, provable security

CLC Number:

TP309

Huanhuan LIAN, Huiying HOU, Yunlei ZHAO. Post-quantum verifier-based three-party password authenticated key exchange protocol[J]. Journal on Communications, 2022, 43(4): 95-106.

Figures/Tables 5

符号	说明
hk	哈希密钥
hp	投射密钥
label	标签
$H_{S A}, H_{S B}$	存储于服务器上的A和B的口令哈希值
$s_{P_{1}}, s_{P_{2}}$	预盐值
$s_{H_{1}}, s_{H_{2}}$	盐值
mk	伪随机函数密钥
${sk}_{A B}, {sk}_{B A}$	由用户A和B生成的会话密钥

References 29

[1]	BELLOVIN S M , MERRITT M . Encrypted key exchange:password-based protocols secure against dictionary attacks[C]// Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy. Piscataway:IEEE Press, 1992: 72-84.
[2]	VASCO M I G , POZO A L P D , SORIENTE C . A key for John Doe:modeling and designing anonymous password-authenticated key exchange protocols[J]. IEEE Transactions on Dependable and Secure Computing, 2021,18(3): 1336-1353.
[3]	BRADLEY T , JARECKI S , XU J . Strong asymmetric PAKE based on trapdoor CKEM[C]// 2019 Advances in Cryptology. Berlin:Springer, 2019: 798-825.
[4]	ABDALLA M , BARBOSA M , BRADLEY T ,et al. Universally composable relaxed password authenticated key exchange[C]// 2020 Advances in Cryptology. Berlin:Springer, 2020: 278-307.
[5]	KATZ J , VAIKUNTANATHAN V . Round-optimal password-based authenticated key exchange[J]. Journal of Cryptology, 2013,26(4): 714-743.
[6]	KATZ J , VAIKUNTANATHAN V . Smooth projective hashing and password-based authenticated key exchange from lattices[C]// 2009 Advances in Cryptology. Berlin:Springer, 2009: 636-652.
[7]	GENNARO R , LINDELL Y . A framework for password-based authenticated key exchange1[J]. ACM Transactions on Information and System Security (TISSEC), 2006,9(2): 181-234.
[8]	DING Y , FAN L . Efficient password-based authenticated key exchange from lattices[C]// 2012 Seventh International Conference on Computational Intelligence and Security. Piscataway:IEEE Press, 2012: 934-938.
[9]	GROCE A , KATZ J . A new framework for efficient password-based authenticated key exchange[C]// Proceedings of the 17th ACM conference on Computer and communications security. New York:ACM Press, 2010: 516-525.
[10]	DING J , ALSAYIGH S , LANCRENON J ,et al. Provably secure password authenticated key exchange based on RLWE for the post-quantum world[C]// 2017 Cryptographers’ Track at the RSA Conference. Berlin:Springer, 2017: 183-204.
[11]	ZHANG J , YU Y . Two-round PAKE from approximate SPH and instantiations from lattices[C]// 2017 International Conference on the Theory and Application of Cryptology and Information Security. Berlin:Springer, 2017: 37-67.
[12]	李子臣, 谢婷, 张卷美 . 基于RLWE问题的后量子口令认证密钥交换协议[J]. 电子学报, 2021,49(2): 260-267.
	LI Z C , XIE T , ZHANG J M . Post quantum password-based authentication key exchange protocol based on ring learning with errors problem[J]. Acta Electronica Sinica, 2021,49(2): 260-267.
[13]	YIN A Q , GUO Y B , SONG Y M ,et al. Two-round password-based authenticated key exchange from lattices[J]. Wireless Communications and Mobile Computing, 2020(17): 1-13.
[14]	叶茂, 胡学先, 刘文芬 . 基于格的三方口令认证密钥交换协议[J]. 电子与信息学报, 2013,35(6): 1376-1381.
	YE M , HU X X , LIU W F . Password authenticated key exchange protocol in the three party setting based on lattices[J]. Journal of Electronics ＆ Information Technology, 2013,35(6): 1376-1381.
[15]	XU D Q , HE D B , CHOO K K R . Provably secure three-party password authenticated key exchange protocol based on ring learning with error[R]. 2017.
[16]	王彩芬, 陈丽 . 基于格的用户匿名三方口令认证密钥协商协议[J]. 通信学报, 2018,39(2): 21-30.
	WANG C F , CHEN L . Three-party password authenticated key agreement protocol with user anonymity based on lattice[J]. Journal on Communications, 2018,39(2): 21-30.
[17]	于金霞, 廉欢欢, 汤永利 ,等. 格上基于口令的三方认证密钥交换协议[J]. 通信学报, 2018,39(11): 87-97.
	YU J X , LIAN H H , TANG Y L ,et al. Password-based three-party authenticated key exchange protocol from lattices[J]. Journal on Communications, 2018,39(11): 87-97.
[18]	JIANG S , GONG G , HE J ,et al. PAKEs:new framework,new techniques and more efficient lattice-based constructions in the standard model[C]// 2020 IACR International Conference on Public-Key Cryptography. Berlin:Springer, 2020: 396-427.
[19]	BELLOVIN S M , MERRITT M . Augmented encrypted key exchange:a password-based protocol secure against dictionary attacks and password file compromise[C]// Proceedings of the 1st ACM conference on Computer and communications security. New York:ACM Press, 1993: 244-250.
[20]	BENHAMOUDA F , POINTCHEVAL D . Verifier-based password-authenticated key exchange:new models and constructions[R]. 2014.
[21]	杨晓燕, 侯孟波, 魏晓超 . 基于验证元的三方口令认证密钥交换协议[J]. 计算机研究与发展, 2016,53(10): 2230-2238.
	YANG X Y , HOU M B , WEI X C . Verifier-based three-party password authenticated key exchange protocol[J]. Journal of Computer Research and Development, 2016,53(10): 2230-2238.
[22]	张启慧, 胡学先, 刘文芬 ,等. 改进的三方口令验证元认证密钥交换协议[J]. 软件学报, 2020,31(10): 3238-3250.
	ZHANG Q H , HU X X , LIU W F ,et al. Improved verifier-based three-party password-authenticated key exchange protocol[J]. Journal of Software, 2020,31(10): 3238-3250.
[23]	舒琴, 王圣宝, 胡斌 ,等. 理想格上基于验证元的三方口令认证密钥交换协议[J]. 密码学报, 2021,8(2): 294-306.
	SHU Q , WANG S B , HU B ,et al. Verifier-based three-party password-authenticated key exchange protocol from ideal lattices[J]. Journal of Cryptologic Research, 2021,8(2): 294-306.
[24]	ABDALLA M , FOUQUE P A , POINTCHEVAL D . Password-based authenticated key exchange in the three-party setting[C]// 2005 International Workshop on Public Key Cryptography. Berlin:Springer, 2005: 65-84.
[25]	REGEV O . On lattices,learning with errors,random linear codes,and cryptography[J]. Journal of the ACM, 2009,56(6): 1-40.
[26]	CRAMER R , SHOUP V . Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption[C]// International Conference on the Theory and Applications of Cryptographic Techniques:Advances in Cryptology. Berlin:Springer, 2002: 45-64.
[27]	KIEFER F , MANULIS M . Zero-knowledge password policy checks and verifier-based PAKE[C]// 2014 European Symposium on Research in Computer Security. Berlin:Springer, 2014: 295-312.
[28]	NGUYEN K , TAN B H M , WANG H X . Zero-knowledge password policy check from lattices[C]// 2017 International Conference on Information Security. Berlin:Springer, 2017: 92-113.
[29]	BELLARE M , POINTCHEVAL D , ROGAWAY P . Authenticated key exchange secure against dictionary attacks[C]// International Conference on the Theory and Applications of Cryptographic Techniques:Advances in Cryptology. Berlin:Springer, 2000: 139-155.

Metrics

Recommended 0

No Suggested Reading articles found!

协议	类型	消息传输量/条	通信效率	双向认证	抵抗服务器泄露	难题假设
文献[15]	3PAKE	6	9n ₂+7n₂ log q+5	是	否	RLWE
文献[16]	3PAKE	5	4n ₂ log q+7n₂	是	否	RLWE
文献[20]	2VPAKE	2	10n ₂+2n₁	否	是	plain DDH
文献[22]	3VPAKE	8	8n ₂+8n₁	是	是	DDH
文献[23]	3VPAKE	8	6n ₂ log q+7n₂	是	是	RLWE
本文协议	3VPAKE	5	2n ₂+4(m+n₂)log q	是	是	LWE

协议	工具	Exp	Enc/Dec	ASPH(SPH)	Hash	总开销
文献[21]	SPH	25	2	2	6	25Exp+1Enc+1Dec+2SPH+6Hash
文献[22]	SPH	18	4	4	8	18Exp+2Enc+2Dec+4SPH+8Hash
文献[14]	ASPH	0	4	4	24	2Enc+2Dec+4ASPH+24Hash
本文协议	ASPH	0	4	4	26	2Enc+2Dec+4ASPH+26Hash

Post-quantum verifier-based three-party password authenticated key exchange protocol

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 5

References 29

Related Articles 15

Metrics

Recommended 0

[1]	Yuanbo GUO, Anqi YIN. Research on password-authenticated key exchange protocol over lattices [J]. Journal on Communications, 2022, 43(12): 172-187.
[2]	Youheng DONG, Geng ZHAO, Yingjie MA. Two-dimensional pseudo-random coupled map lattices system based on partitioned elementary cellular automata and its dynamic properties [J]. Journal on Communications, 2022, 43(1): 71-82.
[3]	Miaomiao TIAN, Jing CHEN, Hong ZHONG. Identity-based incremental signature scheme from lattices [J]. Journal on Communications, 2021, 42(1): 108-117.
[4]	Zhen LIU,Yiliang HAN,Xiaoyuan YANG,Shuguang LIU. Provable security signcryption scheme based on RLWE without trapdoor [J]. Journal on Communications, 2020, 41(6): 14-25.
[5]	Changgen PENG, Xiaoyu ZHANG, Hongfa DING, Shanhui YANG. Efficient signcryption scheme based on Cocks’ identity cryptosystem [J]. Journal on Communications, 2020, 41(12): 128-138.
[6]	Youliang TIAN,Qiuxian LI,Duo ZHANG,Linjie WANG. Provably secure rational delegation computation protocol [J]. Journal on Communications, 2019, 40(7): 135-143.
[7]	Miaomiao TIAN,Chuang GAO,Jie CHEN. Identity-based cloud storage integrity checking from lattices [J]. Journal on Communications, 2019, 40(4): 128-139.
[8]	Yatao YANG,Xinguang HAN,Jierun HUANG,Yang ZHAO. Bidirectional authentication key agreement protocol supporting identity’s privacy preservation based on RLWE [J]. Journal on Communications, 2019, 40(11): 180-186.
[9]	Xixi YAN,Yuan LIU,Zichen LI,Yongli TANG,Qing YE. Privacy-preserving attribute-based encryption scheme on ideal lattices [J]. Journal on Communications, 2018, 39(3): 128-135.
[10]	Caifen WANG,Li CHEN. Three-party password authenticated key agreement protocol with user anonymity based on lattice [J]. Journal on Communications, 2018, 39(2): 21-30.
[11]	Jinxia YU,Huanhuan LIAN,Yongli TANG,Mengyao SHI,Zongqu ZHAO. Password-based three-party authenticated key exchange protocol from lattices [J]. Journal on Communications, 2018, 39(11): 87-97.
[12]	Shao-bo YU,Ling-da WU,Xi-tao ZHANG. Research on space information representation model based on formal concept analysis [J]. Journal on Communications, 2017, 38(Z2): 78-85.
[13]	Yong-li TANG,Ming-xing HU,Kun LIU,Qing YE,Xi-xi YAN. Novel identity-based fully homomorphic encryption scheme from lattice [J]. Journal on Communications, 2017, 38(5): 39-47.
[14]	Qing YE,Ming-xing HU,Yong-li TANG,Kun LIU,Xi-xi YAN. Novel hierarchical identity-based encryption scheme from lattice [J]. Journal on Communications, 2017, 38(11): 54-64.
[15]	Zhi-yan XU,Li-bing WU,Li LI,De-biao HE. New certificateless aggregate signature scheme with universal designated verifier [J]. Journal on Communications, 2017, 38(11): 76-83.