Abstract
All existing lattice-based 3PAKE protocols are symmetric, i.e., the user's password is stored on the server in plaintext or as a hash value, which makes these protocols vulnerable to server leakage attacks. In contrast, a verifier-based lattice-based 3PAKE protocol can resist this kind of attack. In the universally composable framework, we first define the ideal functionality of verifier-based 3PAKE, building on the ideal functionality of asymmetric password authenticated key exchange proposed by Gentry et al. Then, based on the verifier-based two-party password authenticated key exchange protocol over ideal lattices proposed by Gao et al. in 2017, and drawing on the design ideas of Abdalla et al. for constructing universally composable secure protocols, we construct a verifier-based 3PAKE protocol over ideal lattices. We prove that the new protocol securely realizes the ideal functionality of verifier-based 3PAKE. Finally, a comparison with related protocols shows that the new protocol has comparable computation and communication efficiency while providing a higher level of security.
Authors
舒琴
王圣宝
胡斌
韩立东
SHU Qin; WANG Sheng-Bao; HU Bin; HAN Li-Dong (School of Information Science and Engineering, Hangzhou Normal University, Hangzhou 311121, China)
Source
《密码学报》
CSCD
2021, Issue 2, pp. 294-306 (13 pages)
Journal of Cryptologic Research
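Funding
National Key Research and Development Program of China (2017YFB0802000)
National Natural Science Foundation of China, Young Scientists Fund (61702152, 61702153).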
Keywords
three-party key exchange
password authentication
ideal lattice
universal composability
server compromise attacks