Research On Password-Based Authenticated Key Exchange From Lattices

With the rapid development of global information technology in recent years,network communications has become an indispensable part of people's life.But people will involve a lot of sensitive data and privacy information in the information exchange,and the channel of the information transmission is open and insecure.How to protect the security of information,while ensuring the usability of communication system is an urgent problem in the field of modern secure communication.Password Authenticated Key Exchange(PAKE)protocol allows users to authenticate each other with pre-shared information,and generates a protected session key on the public channel.Because the password is easy to remember,the protocol can avoid the dependence on public key infrastructure and security hardware,PAKE protocol is widely used in the field of information security.In spite of the progress of password authenticated key exchange protocol in recent years,it still faces the following problems: First,most of PAKE protocols are not suitable for large-scale end-to-end communication,there are also the problems of replay attacks and low communication efficiency;Second,in password authenticated key exchange protocols,passwords are stored in plaintext on server,and there is a risk of leakage;Third,under the hard problem of learning with errors from lattices,PAKE protocols' computation and communication are inefficient.In this thesis,aiming at the above mentioned problems,we focus on the further research on lattice-based password authenticated key exchange from three aspects of application,security and efficiency.The main research contents are as follows:(1)Aiming at the client's supercharge and replay attack in two-party PAKE protocol,we designed a novel three-party PAKE protocol from lattices.The PAKE protocol was constructed by using a splittable public-key encryption scheme and an associated approximate smooth projective hash function,and message authentication mechanism was introduced in the protocol to resist replay attacks.There is a clear optimization of both the communicational and computational cost,and the security ofprotocol application is also improved.(2)Aiming at the leakage of server information in lattice-based PAKE protocol,we proposed a provable security verifier-based PAKE protocol from learning with errors problem on lattices.We combined randomized password hash scheme and zero-knowledge password policy check mechanism to realize the authentication between user and server.And we then constructed an improvement ASPH function and designed this protocol by combining public-key encryption.The analysis shows that the proposed protocol can resist server leakage,undetectable online dictionary attack and quantum attack.(3)Aiming at the larger module and larger key size of PAKE protocol on lattices,we proposed a novel PAKE protocol from ring learning with errors problem.We used Peikert error reconciliation mechanism to operate the errors,and the size of parameter value moduls was decreased to polynomial magnitude.The new protocol reduces the cost of computation and communication,and improves the pratical application.