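1. School of Computer Science and Technology, Fudan University, Shanghai 200433
2. State Key Laboratory of Integrated Services Networks, Xidian University, Xi'an, Shaanxi 710071
Huanhuan LIAN (1993- ), female, born in Qinyang, Henan, is a PhD candidate at Fudan University. Her main research interests include cryptography and information security.
Huiying HOU (1992- ), female, born in Jining, Shandong, is a PhD candidate at Fudan University. Her main research interests include applied cryptography and information security.
Yunlei ZHAO (1974- ), male, born in Yanggu, Shandong, PhD, is a distinguished professor and doctoral supervisor at Fudan University. His main research interests include post-quantum cryptography, cryptographic protocols and the theory of computation.
Online publication date: 2022-04
Print publication date: 2022-04-25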
Huanhuan LIAN, Huiying HOU, Yunlei ZHAO. Post-quantum verifier-based three-party password authenticated key exchange protocol[J]. Journal on Communications, 2022, 43(4): 95-106. DOI: 10.11959/j.issn.1000-436x.2022062.
Two problems motivate this work: servers that store passwords directly in plaintext are exposed to the risk of server compromise, and two-party lattice-based password authenticated key exchange (PAKE) protocols are not suitable for large-scale communication systems. To address them, a verifier-based three-party password authenticated key exchange protocol from lattices is proposed. The verifier is generated with a randomized password hashing scheme, which is combined with a zero-knowledge password policy check mechanism to realize password checking. A novel verifier-based 3PAKE protocol is constructed using a CCA-secure public-key encryption scheme from lattices, and it also realizes mutual authentication between the users and the server. Security and performance analysis shows that the proposed protocol has advantages in both communication efficiency and security.