Quantum Safe Computation-Friendly Identity-Binding Password Authenticated Key Exchange

Quantum Safe Computation-Friendly Identity-Binding Password Authenticated Key Exchange

연구 분야: Cryptography

학회: International Conference on Provable Security

Password Authenticated Key Exchange (\(\textsf{PAKE}\)) protocols are of paramount importance in applications like the Internet of Things (IoT) and wireless networking ensures the security of communication systems by enabling two parties to establish a shared secret key using only a low-entropy password. Recent advances in \(\textsf{PAKE}\) protocols have aimed to provide stronger security assurances including resilience against offline dictionary attacks, replay attacks, compromise attacks for both parties (client and server), pre-computation attacks, mutual authentication and perfect forward secrecy. Despite several improvements, challenges persist in both security and efficiency for existing \(\textsf{PAKE}\) proposals. To address these challenges, Cremers et al. (Crypto ’22) introduced the concept of identity-binding \(\textsf{PAKE}\). None of the existing identity-binding \(\textsf{PAKE}\) is post-quantum secure. In response to these challenges, our contribution aims to bridge the gap in practical and secure post-quantum identity-binding \(\textsf{PAKE}\). Our work proposes a post-quantum secure identity-binding \(\textsf{PAKE}\) protocols, \(\textsf{LPAKE}\) with enhanced security. Our lattice-based protocol \(\textsf{LPAKE}\) is secure based on the Module Pairing with Errors (\(\textsf{MPWE}\)) assumption and the Decision Module Learning with Errors (\(\textsf{DMLWE}\)) assumption. We present comprehensive security proof in a conventional game-based indistinguishability security model. Through rigorous performance evaluations, the paper demonstrates that the proposed \(\textsf{PAKE}\) scheme exhibits notable advantages in terms of total computation cost with enhanced security properties compared to existing identity-binding \(\textsf{PAKE}\) protocols.