Abstract
The threat posed by quantum computing motivates us to design a post-quantum secure authentication protocol for mobile digital rights management systems. Recently, a post-quantum secure protocol, “learning with error based secure mobile digital rights management system”, has been proposed. That protocol is claimed to be post-quantum secure under the ring learning with errors assumption. Our analysis shows that it allows the server to keep a fixed private/public key, which results in lower communication and computation overheads but leads to signal leakage and modified signal leakage attacks. In this paper, we discuss signal leakage attacks during the authentication phase of the existing protocol and propose a new post-quantum authenticated key agreement protocol for the digital rights management system. In the proposed protocol, the server uses a random value instead of using a fixed value chosen by the user, and it establishes a session key with the user. Moreover, the protocol needs to exchange just two messages, which confirms its efficiency. The protocol has been proved secure in the random oracle model under the ring learning with errors assumption. The article also contains an informal security discussion and a simulation using the NS3 simulator.
Data Availability
Data sharing is not applicable to this article as no datasets were generated or analyzed during the current study.
Ethics declarations
Conflict of Interests
All the authors have no conflict of interest.
About this article
Cite this article
Dadsena, P.K., Jain, J., Rana, S. et al. A construction of post quantum secure authenticated key agreement design for mobile digital rights management system. Multimed Tools Appl 82, 26643–26660 (2023). https://doi.org/10.1007/s11042-023-14937-6
DOI: https://doi.org/10.1007/s11042-023-14937-6