A new password-authenticated module learning with rounding-based key exchange protocol: Saber.PAKE

The Journal of Supercomputing

Abstract

In this paper, a new lattice-based password-authenticated key exchange (PAKE) protocol is proposed for the post-quantum era. The constructed Saber.PAKE is designed as a PAKE version of Saber (D’Anvers, in: International Conference on Cryptology in Africa, Springer, Cham, 2018), one of the finalist key encapsulation mechanisms of the National Institute of Standards and Technology’s post-quantum standardization process. It is designed as a three-pass protocol and follows an explicit authentication approach. Its hardness assumption is the module learning with rounding (MLWR) problem. To obtain a post-quantum secure lattice-based PAKE, the design idea of the password-authenticated key exchange (PAK) suite (MacKenzie, in: a P1363 submission to the IEEE P1363 Working Group, 2002) is adapted to MLWR. To the best of our knowledge, Saber.PAKE is the first PAKE protocol based on (ring/module) learning with rounding ((R/M)LWR) problems. By considering the reconciliation bounds, the correctness analysis of Saber.PAKE is presented. Robustness against dictionary attacks and other common attacks is examined in the random oracle model. The proposed PAKE also provides perfect forward secrecy and mutual authentication. The experimental results show that it has the lowest CPU cycle count, message size, and runtime among the compared lattice-based PAKE protocols.


Data availability

Not applicable.

References

  1. D’Anvers JP, Karmakar A, Roy SS, Vercauteren F (2018) Saber: module-LWR based key exchange, CPA-secure encryption and CCA-secure KEM. In: International Conference on Cryptology in Africa, pp 282–305. Springer, Cham

  2. MacKenzie P (2002) The PAK suite: protocols for password-authenticated key exchange. Submission to the IEEE P1363 Working Group

  3. Dharminder D, Reddy CB, Das AK, Park Y, Jamal SS (2022) Post-quantum lattice based secure reconciliation enabled key agreement protocol for IoT. IEEE Internet of Things Journal

  4. Kumar U, Garg M, Kumari S, Dharminder D (2023) A construction of post quantum secure and signal leakage resistant authenticated key agreement protocol for mobile communication. Trans Emerg Telecommun Technol 34(1):e4660

  5. Ott D, Peikert C (2019) Identifying research challenges in post quantum cryptography migration and cryptographic agility. arXiv preprint arXiv:1909.07353

  6. Akleylek S, Seyhan K (2020) A probably secure bi-GISIS based modified AKE scheme with reusable keys. IEEE Access 8:26210–26222

  7. Akleylek S, Seyhan K (2022) Module learning with rounding based key agreement scheme with modified reconciliation. Comput Stand Interfaces 79:103549

  8. Boyko V, MacKenzie P, Patel S (2000) Provably secure password-authenticated key exchange using Diffie-Hellman. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp 156–171. Springer, Berlin, Heidelberg

  9. Bellovin SM, Merritt M (1992) Encrypted key exchange: password-based protocols secure against dictionary attacks. In: Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy, pp 72–84

  10. Bellare M, Pointcheval D, Rogaway P (2000) Authenticated key exchange secure against dictionary attacks. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp 139–155. Springer, Berlin, Heidelberg

  11. Wu TD (1998) The secure remote password protocol. In: NDSS 98:97–111

  12. Shin S, Kobara K (2012) Efficient augmented password-only authentication and key exchange for IKEv2. RFC 6628:1–20

  13. Bellovin SM, Merritt M (1993) Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise. In: Proceedings of the 1st ACM Conference on Computer and Communications Security, pp 244–250

  14. Hao F, Ryan PY (2008) Password authenticated key exchange by juggling. In: International Workshop on Security Protocols, pp 159–171. Springer, Berlin, Heidelberg

  15. Jablon DP (1996) Strong password-only authenticated key exchange. ACM SIGCOMM Computer Communication Review 26(5):5–26

  16. Kumari KA, Sadasivam GS, Rohini L (2016) An efficient 3D elliptic curve Diffie-Hellman (ECDH) based two-server password-only authenticated key exchange protocol with provable security. IETE J Res 62(6):762–773

  17. Hao F, van Oorschot PC (2021) SoK: password-authenticated key exchange – theory, practice, standardization and real-world lessons. Cryptology ePrint Archive, 2021/1492

  18. SRP protocol design. http://srp.stanford.edu/design.html. Accessed 21 Apr 2022

  19. Technical Guideline TR-03110, Advanced security mechanisms for machine readable travel documents and eIDAS token – Part 4: applications and document profiles, version 2.21, 21 December 2016. Accessed 21 Apr 2022

  20. WPA3™ Specification Version 3.0. https://www.wi-fi.org/download.php?file=/sites/default/files/private/WPA3_Specification_v3.0.pdf. Accessed 21 Apr 2022

  21. Jablon DP (1997) Extended password key exchange protocols immune to dictionary attack. In: Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, pp 248–255. IEEE

  22. Kwon T (2000) Summary of AMP (authentication and key agreement via memorable passwords). Draft document, August. Cryptology ePrint Archive, 2021/1492

  23. Shor PW (1994) Algorithms for quantum computation: discrete logarithms and factoring. In: Proceedings 35th Annual Symposium on Foundations of Computer Science, pp 124–134. IEEE

  24. IEEE (2009) IEEE standard specification for password-based public-key cryptographic techniques. IEEE Std 1363.2-2008, pp 1–140

  25. Peikert C (2016) A decade of lattice cryptography. Found Trends Theor Comput Sci 10(4):283–424

  26. Katz J, Vaikuntanathan V (2009) Smooth projective hashing and password-based authenticated key exchange from lattices. In: International Conference on the Theory and Application of Cryptology and Information Security, pp 636–652. Springer, Berlin, Heidelberg

  27. Ding J, Alsayigh S, Lancrenon J, RV S, Snook M (2017) Provably secure password authenticated key exchange based on RLWE for the post-quantum world. In: Cryptographers’ Track at the RSA Conference, pp 183–204. Springer, Cham

  28. Xu D, He D, Choo KKR, Chen J (2017) Provably secure three-party password authenticated key exchange protocol based on ring learning with error. Cryptology ePrint Archive, 2017/360

  29. Guo J, Du Y (2020) A novel RLWE-based anonymous mutual authentication protocol for space information network. Security and Communication Networks 2020

  30. Yin A, Guo Y, Song Y, Qu T, Fang C (2020) Two-round password-based authenticated key exchange from lattices. Wirel Commun Mobile Comput 2020:1–13

  31. Li Z, Wang D (2019) Achieving one-round password-based authenticated key exchange over lattices. IEEE Trans Serv Comput 15(1):308–321

  32. Liu C, Zheng Z, Jia K, You Q (2019) Provably secure three-party password-based authenticated key exchange from RLWE. In: International Conference on Information Security Practice and Experience, pp 56–72. Springer, Cham

  33. Huszti A, Kovács S, Oláh N (2022) Scalable, password-based and threshold authentication for smart homes. Int J Inf Secur 21:1–17

  34. Khan H, Dowling B, Martin KM (2022) Pragmatic authenticated key agreement for IEEE Std 802.15.6. Int J Inf Secur 21(3):577–595

  35. Rana S, Mishra D (2021) Lattice-based key agreement protocol under ring-LWE problem for IoT-enabled smart devices. Sādhanā 46(2):84

  36. Dharminder D, Chandran KP (2020) LWESM: learning with error based secure communication in mobile devices using fuzzy extractor. J Ambient Intell Humaniz Comput 11(10):4089–4100

  37. Dabra V, Bala A, Kumari S (2020) LBA-PAKE: lattice-based anonymous password authenticated key exchange for mobile devices. IEEE Syst J 15(4):5067–5077

  38. Ding R, Cheng C, Qin Y (2022) Further analysis and improvements of a lattice-based anonymous PAKE scheme. IEEE Syst J 16(3):5035–5043

  39. Bellare M, Rogaway P (1995) Provably secure session key distribution: the three party case. In: Proceedings of the Twenty-Seventh Annual ACM Symposium on Theory of Computing, pp 57–66

  40. Jheng YS, Tso R, Chen CM, Wu ME (2018) Password-based authenticated key exchange from lattices for client/server model. In: Advances in Computer Science and Ubiquitous Computing: CSA-CUTE 17, pp 315–319. Springer, Singapore

  41. Ding J, Xie X, Lin X (2012) A simple provably secure key exchange scheme based on the learning with errors problem. Cryptology ePrint Archive

  42. Feng H (2021) An overview of password-authenticated key exchange protocols. 29 September 2021. https://uk-sps.org/seminar/an-overview-of-password-authenticated-key-exchange-protocols/. Accessed 19 Apr 2022

  43. Hao F (2021) Prudent practices in security standardization. IEEE Commun Stand Mag 5(3):40–47

  44. NIST Post-Quantum Cryptography Standardization Project. https://csrc.nist.gov/projects/post-quantum-cryptography. Accessed 25 Apr 2022

  45. Alagic G et al (2022) Status report on the third round of the NIST post-quantum cryptography standardization process. US Department of Commerce, NIST

  46. Ding J et al (2017) Provably secure password authenticated key exchange based on RLWE for the post-quantum world. In: Topics in Cryptology – CT-RSA 2017. Lecture Notes in Computer Science 10159:183–204

  47. Gao X et al (2017) Efficient implementation of password-based authenticated key exchange from RLWE and post-quantum TLS. Cryptology ePrint Archive, 2017/1192

  48. Yang Y et al (2019) Efficient password-authenticated key exchange from RLWE based on asymmetric key consensus. In: International Conference on Information Security and Cryptology, pp 31–49

  49. Ren P, Gu X, Wang Z (2023) Efficient module learning with errors-based post-quantum password-authenticated key exchange. IET Inf Secur 17(1):3–17

  50. Jin Z, Zhao Y (2016) Optimal key consensus in presence of noise. arXiv preprint arXiv:1611.06150

  51. Regev O (2009) On lattices, learning with errors, random linear codes, and cryptography. J ACM 56(6):1–40

  52. Peikert C (2016) A decade of lattice cryptography. Found Trends Theor Comput Sci 10:283–424

  53. Banerjee A, Peikert C, Rosen A (2012) Pseudorandom functions and lattices. In: Pointcheval D, Johansson T (eds) Advances in Cryptology – EUROCRYPT 2012. Lecture Notes in Computer Science 7237. Springer, Berlin, Heidelberg

  54. Liu FH, Wang Z (2020) Rounding in the rings. In: Annual International Cryptology Conference, pp 296–326. Springer, Cham

  55. Mera JMB, Karmakar A, Kundu S, Verbauwhede I (2021) Scabbard: a suite of efficient learning with rounding key-encapsulation mechanisms. IACR Trans Cryptogr Hardw Embed Syst 2021:474–509

  56. Wu TD (1998) The secure remote password protocol. In: NDSS 98:97–111

  57. Gennaro R, Lindell Y (2006) A framework for password-based authenticated key exchange. ACM Trans Inf Syst Secur 9(2):181–234

  58. Benhamouda F, Blazy O, Ducas L, Quach W (2018) Hash proof systems over lattices revisited. In: IACR International Workshop on Public Key Cryptography, pp 644–674. Springer, Cham

  59. Zhang J, Zhang Z, Ding J, Snook M, Dagdelen Ö (2015) Authenticated key exchange from ideal lattices. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp 719–751. Springer, Berlin, Heidelberg


Acknowledgements

We would like to thank Ahmet Faruk Dursun for his support in developing and testing the C codes.

Funding

This work was partially supported by TUBITAK under Grant No. 121R006. The work of Kübra Seyhan was supported in part by TUBITAK through National Ph.D. Scholarship Program in the Priority Fields in Science and Technology.

Author information


Contributions

KS and SA were involved in conceptualization, methodology, validation, and writing—review and editing. SA was involved in investigation. KS was involved in writing—original draft preparation. All authors have read and agreed to the submitted version of the manuscript.

Corresponding author

Correspondence to Kübra Seyhan.

Ethics declarations

Conflict of interest

All authors declare that none of them has any conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.


About this article


Cite this article

Seyhan, K., Akleylek, S. A new password-authenticated module learning with rounding-based key exchange protocol: Saber.PAKE. J Supercomput 79, 17859–17896 (2023). https://doi.org/10.1007/s11227-023-05251-x


  • DOI: https://doi.org/10.1007/s11227-023-05251-x
