Post-Quantum Secure Remote Password Protocol from RLWE Problem

Xinwei Gao; Jintai Ding; Jiqiang Liu; Lin Li

doi:10.1007/978-3-319-75160-3_8

Post-Quantum Secure Remote Password Protocol from RLWE Problem

Xinwei Gao, Jintai Ding, Jiqiang Liu^*, Lin Li

^*Corresponding author for this work

Research output: Chapter in Book or Report/Conference proceeding › Conference Proceeding › peer-review

11 Citations (Scopus)

Abstract

Secure Remote Password (SRP) protocol is an augmented Password-based Authenticated Key Exchange (PAKE) protocol based on discrete logarithm problem (DLP) with various attractive security features. Compared with basic PAKE protocols, SRP does not require server to store user’s password and user does not send password to server to authenticate. These features are desirable for secure client-server applications. SRP has gained extensive real-world deployment, including Apple iCloud, 1Password etc. However, with the advent of quantum computer and Shor’s algorithm, classic DLP-based public key cryptography algorithms are no longer secure, including SRP. Motivated by importance of SRP and threat from quantum attacks, we propose a RLWE-based SRP protocol (RLWE-SRP) which inherit advantages from SRP and elegant design from RLWE key exchange. We also present parameter choice and efficient portable C++ implementation of RLWE-SRP. Implementation of our 209-bit secure RLWE-SRP is more than 3x faster than 112-bit secure original SRP protocol, 5.5x faster than 80-bit secure J-PAKE and 14x faster than two 184-bit secure RLWE-based PAKE protocols with more desired properties.

Original language	English
Title of host publication	Information Security and Cryptology - 13th International Conference, Inscrypt 2017, Revised Selected Papers
Editors	Xiaofeng Chen, Moti Yung, Dongdai Lin
Publisher	Springer Verlag
Pages	99-116
Number of pages	18
ISBN (Print)	9783319751597
DOIs	https://doi.org/10.1007/978-3-319-75160-3_8
Publication status	Published - 2018
Externally published	Yes
Event	13th International Conference on Information Security and Cryptology, Inscrypt 2017 - Xi'an, China Duration: 3 Nov 2017 → 5 Nov 2017

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	10726 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	13th International Conference on Information Security and Cryptology, Inscrypt 2017
Country/Territory	China
City	Xi'an
Period	3/11/17 → 5/11/17

Keywords

Implementation
PAKE
Post-quantum
Protocol
RLWE
SRP

Access to Document

10.1007/978-3-319-75160-3_8

Cite this

Gao, X., Ding, J., Liu, J., & Li, L. (2018). Post-Quantum Secure Remote Password Protocol from RLWE Problem. In X. Chen, M. Yung, & D. Lin (Eds.), Information Security and Cryptology - 13th International Conference, Inscrypt 2017, Revised Selected Papers (pp. 99-116). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10726 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-75160-3_8

Gao, Xinwei ; Ding, Jintai ; Liu, Jiqiang et al. / Post-Quantum Secure Remote Password Protocol from RLWE Problem. Information Security and Cryptology - 13th International Conference, Inscrypt 2017, Revised Selected Papers. editor / Xiaofeng Chen ; Moti Yung ; Dongdai Lin. Springer Verlag, 2018. pp. 99-116 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{08d65f8f33614c78a9c94dbca86cbb1b,

title = "Post-Quantum Secure Remote Password Protocol from RLWE Problem",

abstract = "Secure Remote Password (SRP) protocol is an augmented Password-based Authenticated Key Exchange (PAKE) protocol based on discrete logarithm problem (DLP) with various attractive security features. Compared with basic PAKE protocols, SRP does not require server to store user{\textquoteright}s password and user does not send password to server to authenticate. These features are desirable for secure client-server applications. SRP has gained extensive real-world deployment, including Apple iCloud, 1Password etc. However, with the advent of quantum computer and Shor{\textquoteright}s algorithm, classic DLP-based public key cryptography algorithms are no longer secure, including SRP. Motivated by importance of SRP and threat from quantum attacks, we propose a RLWE-based SRP protocol (RLWE-SRP) which inherit advantages from SRP and elegant design from RLWE key exchange. We also present parameter choice and efficient portable C++ implementation of RLWE-SRP. Implementation of our 209-bit secure RLWE-SRP is more than 3x faster than 112-bit secure original SRP protocol, 5.5x faster than 80-bit secure J-PAKE and 14x faster than two 184-bit secure RLWE-based PAKE protocols with more desired properties.",

keywords = "Implementation, PAKE, Post-quantum, Protocol, RLWE, SRP",

author = "Xinwei Gao and Jintai Ding and Jiqiang Liu and Lin Li",

note = "Publisher Copyright: {\textcopyright} Springer International Publishing AG, part of Springer Nature 2018.; 13th International Conference on Information Security and Cryptology, Inscrypt 2017 ; Conference date: 03-11-2017 Through 05-11-2017",

year = "2018",

doi = "10.1007/978-3-319-75160-3_8",

language = "English",

isbn = "9783319751597",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "99--116",

editor = "Xiaofeng Chen and Moti Yung and Dongdai Lin",

booktitle = "Information Security and Cryptology - 13th International Conference, Inscrypt 2017, Revised Selected Papers",

}

Gao, X, Ding, J, Liu, J & Li, L 2018, Post-Quantum Secure Remote Password Protocol from RLWE Problem. in X Chen, M Yung & D Lin (eds), Information Security and Cryptology - 13th International Conference, Inscrypt 2017, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10726 LNCS, Springer Verlag, pp. 99-116, 13th International Conference on Information Security and Cryptology, Inscrypt 2017, Xi'an, China, 3/11/17. https://doi.org/10.1007/978-3-319-75160-3_8

Post-Quantum Secure Remote Password Protocol from RLWE Problem. / Gao, Xinwei; Ding, Jintai; Liu, Jiqiang et al.
Information Security and Cryptology - 13th International Conference, Inscrypt 2017, Revised Selected Papers. ed. / Xiaofeng Chen; Moti Yung; Dongdai Lin. Springer Verlag, 2018. p. 99-116 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10726 LNCS).

Research output: Chapter in Book or Report/Conference proceeding › Conference Proceeding › peer-review

TY - GEN

T1 - Post-Quantum Secure Remote Password Protocol from RLWE Problem

AU - Gao, Xinwei

AU - Ding, Jintai

AU - Liu, Jiqiang

AU - Li, Lin

N1 - Publisher Copyright: © Springer International Publishing AG, part of Springer Nature 2018.

PY - 2018

Y1 - 2018

N2 - Secure Remote Password (SRP) protocol is an augmented Password-based Authenticated Key Exchange (PAKE) protocol based on discrete logarithm problem (DLP) with various attractive security features. Compared with basic PAKE protocols, SRP does not require server to store user’s password and user does not send password to server to authenticate. These features are desirable for secure client-server applications. SRP has gained extensive real-world deployment, including Apple iCloud, 1Password etc. However, with the advent of quantum computer and Shor’s algorithm, classic DLP-based public key cryptography algorithms are no longer secure, including SRP. Motivated by importance of SRP and threat from quantum attacks, we propose a RLWE-based SRP protocol (RLWE-SRP) which inherit advantages from SRP and elegant design from RLWE key exchange. We also present parameter choice and efficient portable C++ implementation of RLWE-SRP. Implementation of our 209-bit secure RLWE-SRP is more than 3x faster than 112-bit secure original SRP protocol, 5.5x faster than 80-bit secure J-PAKE and 14x faster than two 184-bit secure RLWE-based PAKE protocols with more desired properties.

AB - Secure Remote Password (SRP) protocol is an augmented Password-based Authenticated Key Exchange (PAKE) protocol based on discrete logarithm problem (DLP) with various attractive security features. Compared with basic PAKE protocols, SRP does not require server to store user’s password and user does not send password to server to authenticate. These features are desirable for secure client-server applications. SRP has gained extensive real-world deployment, including Apple iCloud, 1Password etc. However, with the advent of quantum computer and Shor’s algorithm, classic DLP-based public key cryptography algorithms are no longer secure, including SRP. Motivated by importance of SRP and threat from quantum attacks, we propose a RLWE-based SRP protocol (RLWE-SRP) which inherit advantages from SRP and elegant design from RLWE key exchange. We also present parameter choice and efficient portable C++ implementation of RLWE-SRP. Implementation of our 209-bit secure RLWE-SRP is more than 3x faster than 112-bit secure original SRP protocol, 5.5x faster than 80-bit secure J-PAKE and 14x faster than two 184-bit secure RLWE-based PAKE protocols with more desired properties.

KW - Implementation

KW - PAKE

KW - Post-quantum

KW - Protocol

KW - RLWE

KW - SRP

UR - http://www.scopus.com/inward/record.url?scp=85042232274&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-75160-3_8

DO - 10.1007/978-3-319-75160-3_8

M3 - Conference Proceeding

AN - SCOPUS:85042232274

SN - 9783319751597

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 99

EP - 116

BT - Information Security and Cryptology - 13th International Conference, Inscrypt 2017, Revised Selected Papers

A2 - Chen, Xiaofeng

A2 - Yung, Moti

A2 - Lin, Dongdai

PB - Springer Verlag

T2 - 13th International Conference on Information Security and Cryptology, Inscrypt 2017

Y2 - 3 November 2017 through 5 November 2017

ER -

Gao X, Ding J, Liu J, Li L. Post-Quantum Secure Remote Password Protocol from RLWE Problem. In Chen X, Yung M, Lin D, editors, Information Security and Cryptology - 13th International Conference, Inscrypt 2017, Revised Selected Papers. Springer Verlag. 2018. p. 99-116. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-75160-3_8

Post-Quantum Secure Remote Password Protocol from RLWE Problem

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this