Research On Practical Password Authentication Key Agreement Protoco

With the rapid development and wide application of network and communication technology,it makes People’s Daily life more and more convenient,but it also brings serious information security problems.So how to establish a secure channel and efficiently exchange data in open network communication is a topic worth studying.Key Agreement(KA)enables communication parties to negotiate a session key in an open network,but it does not have identity authentication.Authenticated key agreement(AKA)improves the KA protocol,implements identity authentication and session key negotiation,and establishes a secure channel.At present,there are many researches on AKA protocol.Scholars have proposed many AKA protocols,such as those based on Public key infrastructure(PKI),identity-based and password-based.Among them,Password authenticated key agreement(PAKA)is a convenient and fast protocol.PAKA protocol can realize mutual authentication in open network communication and negotiate a correct high entropy session key for subsequent secure communication only by sharing a low entropy password that is convenient to remember between entities.In addition,PAKA protocol can be deployed conveniently without using a huge public key infrastructure,and is very user-friendly and convenient for users.It is one of the hot topics in AKA protocol research field.At present,most AKA protocols are constructed based on classical number theory problems(such as large integer decomposition and discrete logarithm,etc.).In recent years,with the continuous development of quantum computing technology,cryptography based on classical number theory problems is facing severe security challenges.PAKA protocol is no exception,so it is very necessary to construct PAKA protocol that can resist quantum attacks.Among many post-quantum schemes,lattice-based cryptography has good performance,and there is no effective quantum algorithm to solve difficult problems on lattice-based cryptography in probabilistic polynomial time.Therefore,lattice-based cryptography is one of the ideal choices for constructing anti-quantum AKA protocols.In recent years,many latticebased post-quantum PAKA protocols have been proposed by scholars,but they need to be improved in terms of security and overhead.In view of the above problems,this paper mainly does the following research work:(1)A two-party provably secure post-quantum PAKA protocol based on Ring learning with errors(RLWE)problem is proposed,and an improved BPR(Bellare-PointchevalRogaway,Strict formal security proof is given in BPR model.The two-party PAKA protocol used the Cumulative Distribution Function(CDF-Zipf)to simulate the online attack capability of the adversary.In order to simplify the proof,the Pair with errors(PWE)problem is proposed.The security proof is reduced to proof against online dictionary attacks,and it is proved that the proposed scheme satisfies forward security.The performance analysis results show that compared with the related two-party post-quantum PAKA scheme,the proposed protocol has lower computing and communication overhead,can resist offline dictionary attacks,and has better security.(2)A post-quantum anonymous three-party PAKA called 3PAKA protocol is proposed.Likewise,the security of the protocol is demonstrated in detail in the improved BPR model.A new anonymous 3PAKA protocol is proposed to process passwords into eigenvalues and store them on the server,which can effectively resist server leakage attacks.Meanwhile,in order to resist undetected password guessing attacks and offline password guessing attacks,a special error adjustment mechanism is used between the server and the client to achieve mutual authentication.Compared with the related schemes,the performance analysis results show that the proposed 3PAKA protocol has higher efficiency and reduces the communication and computing overhead.On the basis of 3PAKA,a PAKA protocol is proposed which can be used for cross-domain authentication communication,which can better solve the practical problems in practice.In addition,a new password update mechanism is given,which has the characteristics of anonymous authentication,so as to better protect the privacy of users.