{"title":"SL3PAKE: Simple Lattice-based Three-party Password Authenticated Key Exchange for post-quantum world","authors":"Vivek Dabra, Saru Kumari, Anju Bala, Sonam Yadav","doi":"10.1016/j.jisa.2024.103826","DOIUrl":null,"url":null,"PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"84 ","pages":"Article 103826"},"PeriodicalIF":3.8000,"publicationDate":"2024-07-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624001297","RegionNum":2,"RegionCategory":"Computer Science","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
SL3PAKE: Simple Lattice-based Three-party Password Authenticated Key Exchange for post-quantum world
Three-party Password Authenticated Key Exchange (3PAKE) is a protocol where two parties generate the same session key with the help of a trusted server. With the evolution of quantum computers, there is a growing need to develop 3PAKE protocols that can resist quantum attacks. Hence, various 3PAKE protocols have been proposed based on the famous Ring Learning With Error (RLWE) problem. However, we find that all these protocols are vulnerable to signal leakage attacks if their public/private keys are reused. Also, the design of these protocols is pretty complex, thus making these protocols highly inefficient. Hence, to overcome the above issues, we have proposed Simple Lattice-based 3PAKE (SL3PAKE), which is simple in its design and resists signal leakage attacks if its public/private keys are reused. The order and flow of messages in the proposed SL3PAKE protocol is quite natural without added complexity, which makes it a simple 3PAKE protocol. Finally, we present a comparative analysis of communication overhead between the proposed SL3PAKE and other three-party protocols. The analysis shows that the proposed SL3PAKE protocol has much less communication overhead and fewer communication rounds than the other three-party protocols.
About the journal:
Journal of Information Security and Applications (JISA) focuses on original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.