Owing to the rapid progress of quantum theory, traditional public-key cryptosystems face a serious security threat. Lattice theory, which is believed to be resistant to quantum attacks, is now widely used in the design of a variety of cryptosystems. Using a low-entropy password, a password-based authenticated key exchange (PAKE) protocol from lattices enables communicating users to establish a high-entropy session key over an insecure channel, which avoids the need for a complex public-key infrastructure. At the same time, it inherits the advantages of lattice-based cryptosystems, i.e. resistance to quantum attacks and asymptotically linear computational complexity. Designing efficient and secure lattice-based PAKE protocols is therefore valuable in terms of both theory and application.

However, the literature on lattice-based PAKE protocols is sparse so far, and the available schemes have several drawbacks, such as long key length and low efficiency of their primitives. Meanwhile, existing lattice-based PAKE protocols are all designed for the two-party setting, so they cannot meet the application demands of large-scale communication systems. Focusing on the drawbacks mentioned above, we address the problem of designing an efficient and practical approximate smooth projective hash system, which is the elementary primitive for lattice-based PAKE protocols, as well as the problem of designing several provably secure PAKE protocols based on different security models and different lattice-based hardness assumptions. The main results obtained in this thesis are as follows:

1. An approximate smooth projective hash system based on a hardness assumption from ideal lattices is studied. Based on the trapdoor generation algorithm from ideal lattices, and according to the design requirements, a new public-key encryption scheme with associated approximate smooth projective hash functions is proposed. The security of the proposed encryption scheme, together with the approximate correctness and smoothness of the corresponding approximate smooth projective hash functions, are all proved. The new system enjoys several advantages, such as short key length and low computational complexity, and can be used to design efficient lattice-based PAKE protocols.

2. A PAKE protocol with perfect forward secrecy from ideal lattices is presented. Using error correction codes and the new ideal-lattice-based approximate smooth projective hash functions, a new PAKE protocol with provable security is proposed in the framework of Groce-Katz. The new protocol achieves perfect forward secrecy and overcomes the defects of long key length and low efficiency found in Euclidean-lattice-based cryptosystems.

3. A PAKE protocol in the three-party setting from lattices is introduced. A lattice-based three-party PAKE protocol is constructed from the two-party PAKE framework of Groce-Katz, and its security is proved in the standard model. At the same time, by realizing explicit mutual authentication between user and server, the protocol can resist undetectable online dictionary attacks. The protocol is considered to be the first three-party PAKE protocol from lattices. Compared with the general construction of three-party PAKE protocols, the new protocol reduces the number of communication rounds and has higher security.