电子学报 ›› 2021, Vol. 49 ›› Issue (2): 260-267.DOI: 10.12263/DZXB.20190101

• 学术论文 • 上一篇    下一篇

基于RLWE问题的后量子口令认证密钥交换协议

李子臣1, 谢婷2,3, 张卷美2   

  1. 1. 北京印刷学院, 北京 102600;
    2. 北京电子科技学院, 北京 100070;
    3. 西安电子科技大学通信工程学院, 陕西西安 710071
  • 收稿日期:2019-01-16 修回日期:2020-07-17 出版日期:2021-02-25
    • 通讯作者:
    • 李子臣
    • 基金资助:
    • 国家自然科学基金 (No.61370188); 北京市自然科学基金委员会与北京市教育委员会联合资助项目 (No.KZ201710015010)

Post Quantum Password-Based Authentication Key Exchange Protocol Based on Ring Learning with Errors Problem

LI Zi-chen1, XIE Ting2,3, ZHANG Juan-mei2   

  1. 1. Beijing Institute of Graphic Communication, Beijing 102600, China;
    2. Beijing Electronic Science&Technology Institute, Beijing 100070, China;
    3. School of Telecommunications Engineering, Xidian University, Xi'an, Shaanxi 710071, China
  • Received:2019-01-16 Revised:2020-07-17 Online:2021-02-25 Published:2021-02-25

摘要: 基于口令的认证密钥交换协议在现代通信网络中有很强的实用性.量子技术的迅速发展使得传统公钥密码体制的安全性面临严峻的形势,基于格理论构造密码系统已成为当前后量子密码研究的热点.本文基于格理论环上误差学习(RLWE)问题,使用Peikert式误差协调机制构造了一个C/S模式下的口令认证密钥交换协议(PAKE),设置了合理的参数保证双方以显著概率得到相同的会话密钥,并使用Java在Eclipse平台上进行了此协议的模拟实现.协议在C/S模式的PAKE安全模型下可证明安全,可抵御量子攻击,与现有的基于格理论设计的PAKE协议相比,通信量较低并且在安全度上有较强的优势,是一种简洁高效的后量子口令认证密钥交换协议.

关键词: 认证密钥交换, 环上误差学习问题, 格, 后量子

Abstract: Password-based authentication key exchange protocol is highly practical in modern communication networks.The rapid development of quantum technology has made the security of traditional public key cryptosystem face a severe situation.The construction of cryptosystem based on lattice theory has become a hot topic in the research of post-quantum cryptography.The scheme is based on the lattice theory error learning (RLWE) problem,and uses the Peikert error reconciliation mechanism to construct a password authentication key exchange(PAKE) protocol in C/S mode.Reasonable parameters are set to ensure that both parties get the same session key with significant probability,and by using Java to implement PAKE protocol on the Eclipse platform.The security of the protocol is proved under the standard BPR model and can withstand quantum attacks.Compared with the existing PAKE protocol based on lattice theory,the proposed protocol has lower communication and better security.It is a simple and efficient post-quantum password authentication key exchange protocol.

Key words: authenticated key exchange protocol, ring learning with errors, lattice, post quantum

中图分类号: