A Composable Authentication Key Exchange Scheme with Post-Quantum Forward Secrecy

Cited by: 0
Author: Chen M. [1]
Affiliation: [1] College of Mathematics and Computer Science, Yichun University, Yichun 336000, Jiangxi
Funding: National Natural Science Foundation of China
Keywords: Authentication key exchange; Diffie-Hellman key exchange-like; Perfect forward secrecy; Ring learning with errors problem; Signcryption
DOI: 10.7544/issn1000-1239.2020.20200472
Abstract
As the post-quantum era approaches, a new security requirement in network communications is forward secrecy against quantum computing attacks. However, a post-quantum public key infrastructure has not yet been established, so it is imperative to construct a hybrid cryptosystem that combines traditional public key cryptosystems with post-quantum key exchange protocols. To meet this need, a generic and combinable authentication key exchange scheme, named GC-AKE, is proposed. GC-AKE is a combination of two building blocks: a signcryption scheme and a Diffie-Hellman key exchange-like (DHKE-like) protocol. In GC-AKE, mutual authentication is achieved by using the signcryption scheme to signcrypt the ephemeral public key of the DHKE-like protocol, while session key establishment relies on the DHKE-like protocol itself. Strong unforgeability of the signcryption scheme ensures that GC-AKE achieves perfect forward secrecy. An instance of GC-AKE is given: it combines a post-quantum DHKE-like protocol with an identity-based signcryption scheme, based on elliptic curve cryptography, that is put forward in this paper. The identity-based signcryption scheme is proved to achieve indistinguishability against chosen ciphertext attacks (IND-CCA) and strong existential unforgeability under adaptive chosen message attacks (SEUF-CMA). Furthermore, a security model, wAKE-PFS, which captures perfect forward secrecy, is defined. Under the wAKE-PFS model, the security of GC-AKE is reduced to the hardness of DDH-like (decisional Diffie-Hellman-like) problems and to the security of the identity-based signcryption scheme. The analysis shows that the GC-AKE instance achieves perfect forward secrecy with relatively low computation and communication overheads. Meanwhile, the DHKE-like protocol built from the ring learning with errors (Ring-LWE) problem provides forward secrecy against future quantum attackers. © 2020, Science Press. All rights reserved.
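The composition the abstract describes, as an added toy example that is not the paper's code: each party signcrypts its ephemeral DHKE-like public value under the parties' long-term keys, and the session key is derived only from the ephemeral exchange. Two stand-ins are assumed because the paper's own algorithms are not on this page: a Zheng-style signcryption over a tiny mod-p group takes the place of the paper's identity-based ECC signcryption, and classical finite-field Diffie-Hellman takes the place of the Ring-LWE DHKE-like protocol. The names `gc_ake`, `signcrypt`, `unsigncrypt`, `session_key`, the toy group parameters (P, Q, G) and the identities are all hypothetical. The block therefore demonstrates the composition, the mutual authentication and the forward-secrecy structure, not the post-quantum property.

```python
# Toy model of the GC-AKE composition: a signcryption slot and a DHKE-like slot,
# glued so that each party signcrypts its EPHEMERAL public value under long-term
# keys and the session key is derived only from the ephemeral exchange.
# Added illustration, not the paper's code. Assumed stand-ins: Zheng-style
# signcryption over a tiny mod-p group instead of the paper's identity-based ECC
# signcryption, and classical finite-field DH instead of the Ring-LWE protocol.
import hashlib
import hmac
import secrets

# Toy parameters (assumption): safe prime p = 2q + 1, g generates the order-q
# subgroup. Hopelessly small for real use; chosen so the demo runs instantly.
P, Q, G = 1019, 509, 4


def h(label: bytes, *ints: int) -> bytes:
    """Domain-separated SHA-256 over small integers (group elements fit in 4 bytes)."""
    m = hashlib.sha256(label)
    for v in ints:
        m.update(v.to_bytes(4, "big"))
    return m.digest()


def dh_keygen():
    """DHKE-like slot: secret exponent x and public value g^x mod p."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def signcrypt(sk_s: int, pk_r: int, msg: bytes, ad: bytes):
    """Signcryption slot: (c, r, s) with r = MAC_k2(ad||msg), s = x / (r + sk_s) mod q."""
    assert len(msg) <= 32, "toy one-time pad covers at most 32 bytes"
    while True:
        x = secrets.randbelow(Q - 1) + 1
        k = h(b"sc-key", pow(pk_r, x, P))       # k = H(pk_r^x): enc key k1, MAC key k2
        k1, k2 = k[:16], k[16:]
        r = int.from_bytes(hmac.new(k2, ad + msg, hashlib.sha256).digest(), "big")
        if (r + sk_s) % Q:                      # r + sk_s must be invertible mod q
            break
    s = x * pow((r + sk_s) % Q, -1, Q) % Q
    pad = hashlib.sha256(b"sc-enc" + k1).digest()
    c = bytes(a ^ b for a, b in zip(msg, pad))
    return c, r, s


def unsigncrypt(sk_r: int, pk_s: int, ct, ad: bytes) -> bytes:
    """Recover k = H((pk_s * g^r)^(s*sk_r)) = H(pk_r^x), decrypt, then verify the tag."""
    c, r, s = ct
    k = h(b"sc-key", pow(pk_s * pow(G, r, P) % P, (s * sk_r) % Q, P))
    k1, k2 = k[:16], k[16:]
    pad = hashlib.sha256(b"sc-enc" + k1).digest()
    msg = bytes(a ^ b for a, b in zip(c, pad))
    tag = int.from_bytes(hmac.new(k2, ad + msg, hashlib.sha256).digest(), "big")
    if tag != r:                                # wrong sender key, wrong ad or altered c/r/s all land here
        raise ValueError("unsigncrypt failed: bad ciphertext or wrong sender key")
    return msg


def session_key(ida: bytes, idb: bytes, EA: int, EB: int, shared: int) -> bytes:
    """Session key depends on the ephemeral exchange (plus transcript) only; long-term keys never enter."""
    return h(b"gc-ake-session" + ida + b"|" + idb, EA, EB, shared)


def gc_ake(ida, ska, pka, idb, skb, pkb, tamper=None):
    """One GC-AKE run; returns (K_A, K_B). `tamper` optionally alters A's message in flight."""
    # A -> B: signcrypt_{sk_A, pk_B}(E_A)
    ea, EA = dh_keygen()
    adA = ida + idb
    ctA = signcrypt(ska, pkb, EA.to_bytes(4, "big"), adA)
    if tamper:
        ctA = tamper(ctA)
    # B: unsigncrypt under pk_A (authenticates A), reply with its own signcrypted ephemeral value
    EA_b = int.from_bytes(unsigncrypt(skb, pka, ctA, adA), "big")
    eb, EB = dh_keygen()
    adB = idb + ida + ctA[0]                    # bind the reply to the message it answers
    ctB = signcrypt(skb, pka, EB.to_bytes(4, "big"), adB)
    K_B = session_key(ida, idb, EA_b, EB, pow(EA_b, eb, P))
    del eb                                      # ephemeral secret erased: later theft of sk_B reveals nothing
    # B -> A: A unsigncrypts under pk_B (authenticates B) and derives the same key
    EB_a = int.from_bytes(unsigncrypt(ska, pkb, ctB, adB), "big")
    K_A = session_key(ida, idb, EA, EB_a, pow(EB_a, ea, P))
    del ea
    return K_A, K_B


if __name__ == "__main__":
    ska, pka = dh_keygen()
    skb, pkb = dh_keygen()
    K_A, K_B = gc_ake(b"alice", ska, pka, b"bob", skb, pkb)
    print("keys agree:", K_A == K_B, K_A.hex())
```

The checks a practitioner would run against this: both sides derive the same 32-byte key; a second run under the same long-term keys yields a different key; a flipped ciphertext byte, a wrong associated-data string, or a message signcrypted under a key other than A's is rejected by `unsigncrypt`. The forward-secrecy argument is visible in the structure: an attacker who records the transcript and later obtains sk_A and sk_B (say, with a quantum computer that breaks the classical signcryption) can unsigncrypt both messages but learns only E_A and E_B, never e_A or e_B, which the run erases; in the paper's instance those ephemeral values live in the Ring-LWE slot, which is what defends against harvest-now-decrypt-later. The classical signcryption still authenticates only against an adversary who cannot break elliptic curve cryptography at session time.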
Pages: 2158 / 2176
Page count: 18