1. School of Electronic Technology, Information Engineering University, Zhengzhou, Henan 450001, China
2. College of Cyber Science, Nankai University, Tianjin 300350, China
YIN An-qi, female, born 1995 in Linyi, Shandong. Ph.D. candidate, School of Electronic Technology, Information Engineering University. Research interests: lattice-based cryptography and lattice-based password authenticated key exchange protocols.
QU Tong-zhou, male, born 1994 in Tieling, Liaoning. Ph.D. candidate, School of Electronic Technology, Information Engineering University. Research interests: coarse-grained reconfigurable cryptographic logic arrays and cryptographic computing. E-mail: qutongzhou@outlook.com
GUO Yuan-bo, male, born 1975 in Zhouzhi, Shaanxi. Professor and doctoral supervisor, School of Electronic Technology, Information Engineering University. Research interests: network defense, data mining, machine learning and AI security. E-mail: guo_yuanbo@126.com
WANG Ding, male, born 1985 in Shiyan, Hubei. Professor and doctoral supervisor, College of Cyber Science, Nankai University. Research interests: public-key cryptography, system security and artificial intelligence. E-mail: wangding@nankai.edu.cn
CHEN Lin, female, born 1975 in Kaifeng, Henan. Associate professor, School of Electronic Technology, Information Engineering University. Research interests: design of security-specific chips. E-mail: chenlin916@163.com
LI Yong-fei, male, born 1998 in Zhengzhou, Henan. Master's student, School of Electronic Technology, Information Engineering University. Research interests: cybersecurity knowledge graphs. E-mail: leekgfly@foxmail.com
Received: 2021-04-21
Revised: 2021-09-26
Published in print: 2022-05-25
Citation: YIN An-qi, QU Tong-zhou, GUO Yuan-bo, et al. Provably Secure Two-Round PAKE Based on Ciphertext Standard Language over Lattices [J]. Acta Electronica Sinica (电子学报), 2022, 50(05): 1140-1149. DOI: 10.12263/DZXB.20210517.
Abstract: Reducing the number of communication rounds and the security assumptions of password-based authenticated key exchange (PAKE) protocols is an important optimization direction for lattice-based PAKE. Smooth projective hash functions (SPHFs) are an important mathematical tool for constructing PAKE protocols, but most existing lattice-based SPHFs cannot be used with a superpolynomial modulus. To address this, this paper proposes two lattice-based SPHFs over the standard language of ciphertexts, which solve the above problem without increasing communication or storage overhead. Based on these SPHFs, the paper proposes a provably secure two-round lattice-based PAKE protocol that resists quantum attacks and reduces both the number of communication rounds and the security assumptions, without requiring zero-knowledge proofs or random oracles. The paper also gives a rigorous security proof of the proposed protocol in a more accurate standard security model. Experimental results show that the proposed protocol achieves better round complexity, computational overhead, security assumptions and practical security.