Abstract
This paper presents a provably secure post-quantum authentication and key establishment protocol for mobile environments. To the best of our knowledge, it is the first protocol from supersingular isogenies that authenticates the client user with a convenient password, authenticates the server with a password-transformed secret value together with its certificate, and finally establishes a session key between the two parties. This makes it well suited to providing quantum-resilient security assurance in mobile environments in the coming post-quantum era. The protocol is constructed by integrating password-based authentication with a key encapsulation mechanism, and is therefore named PBKEM for short. The post-quantum PBKEM protocol from supersingular isogeny is formally proved secure in the random oracle model under the well-known Bellare–Pointcheval–Rogaway (BPR) security model; its security reduces to the SI-CDH assumption and the IND-CCA security of the SIKE scheme. Moreover, it is implemented on a personal computer using the SIDH Library provided by Microsoft, and the experimental results show that the protocol is efficient enough to be applied in practice to provide quantum-resilient security assurance.
References
Announcing request for nominations for public-key post-quantum cryptographic algorithms. https://csrc.nist.gov/news/2016/public-key-post-quantum-cryptographic-algorithms
SIDH Library. https://github.com/microsoft/PQCrypto-SIDH
Alagic G, Alperin-Sheriff J, Apon D, Cooper D, Dang Q, Liu YK, Miller C, Moody D, Peralta R, Perlner R et al (2020) Status report on the second round of the NIST post-quantum cryptography standardization process. Technical report, National Institute of Standards and Technology
Alamati N, Feo LD, Montgomery H, Patranabis S (2020) Cryptographic group actions and applications. Cryptology ePrint Archive, Report 2020/1188. https://eprint.iacr.org/2020/1188
Azarderakhsh R, Jao D, Kalach K, Koziel B, Leonardi C (2016) Key compression for isogeny-based cryptosystems. In: Proceedings of the 3rd ACM International Workshop on ASIA Public-Key Cryptography, pp. 1–10. ACM
Azarderakhsh R, Jao D, Koziel B, LeGrow JT, Soukharev V, Taraskin O (2020) How Not to Create an Isogeny-Based PAKE. Cryptology ePrint Archive, Report 2020/361. https://eprint.iacr.org/2020/361
Bellare M, Pointcheval D, Rogaway P (2000) Authenticated key exchange secure against dictionary attacks. In: International conference on the theory and applications of cryptographic techniques, pp. 139–155. Springer
Bellovin SM, Merritt M (1992) Encrypted key exchange: password-based protocols secure against dictionary attacks. In: Proceedings of the 1992 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 72–84. IEEE
Bernstein DJ, Chou T, Schwabe P (2013) McBits: fast constant-time code-based cryptography. In: Bertoni G, Coron JS (eds) Cryptographic Hardware and Embedded Systems - CHES 2013. Springer, Berlin Heidelberg, pp 250–272
Castryck W, Lange T, Martindale C, Panny L, Renes J (2018) CSIDH: an efficient post-quantum commutative group action. In: Peyrin T, Galbraith S (eds) Advances in Cryptology - ASIACRYPT 2018. Springer International Publishing, Cham, pp 395–427
Childs A, Jao D, Soukharev V (2014) Constructing elliptic curve isogenies in quantum subexponential time. J Math Cryptol 8(1):1–29
Costello C, Jao D, Longa P, Naehrig M, Renes J, Urbanik D (2017) Efficient Compression of SIDH Public Keys. Springer, Cham, pp 679–706
Costello C, Longa P, Naehrig M (2016) Efficient algorithms for Supersingular Isogeny Diffie-Hellman. In: Robshaw M, Katz J (eds) Advances in Cryptology - CRYPTO 2016: 36th Annual International Cryptology Conference. Springer, Berlin Heidelberg, pp 572–601
Couveignes JM (2006) Hard homogeneous spaces. Cryptology ePrint Archive, Report 2006/291. https://eprint.iacr.org/2006/291
De Feo L, Kieffer J, Smith B (2018) Towards Practical Key Exchange from Ordinary Isogeny Graphs. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 365–394. Springer
Dierks T, Rescorla E (2008) The transport layer security (TLS) protocol version 1.2. RFC 5246, IETF
Diffie W, Hellman ME (1976) New directions in cryptography. IEEE Trans Inform Theory IT–22(6):644–654
Dods C, Smart NP, Stam M (2005) Hash Based Digital Signature Schemes. In: IMA international conference on cryptography and coding, pp. 96–115. Springer
Fujioka A, Takashima K, Terada S, Yoneyama K (2018) Supersingular Isogeny Diffie-Hellman Authenticated Key Exchange. In: International Conference on Information Security and Cryptology, pp. 177–195
Galbraith SD (2018) Authenticated key exchange for SIDH. Cryptology ePrint Archive, Report 2018/266. https://eprint.iacr.org/2018/266
Galbraith SD, Petit C, Shani B, Ti YB (2016) On the Security of Supersingular Isogeny Cryptosystems. In: Advances in Cryptology - ASIACRYPT 2016, Part I, pp. 63–91. Springer
Galbraith SD, Petit C, Silva J (2017) Identification Protocols and Signature Schemes Based on Supersingular Isogeny Problems. In: International conference on the theory and application of cryptology and information security, pp. 3–33
Hoffstein J, Pipher J, Silverman JH (1998) NTRU: a ring-based public key cryptosystem. In: International Algorithmic Number Theory Symposium, pp. 267–288. Springer
Jao D, Azarderakhsh R, Campagna M, Costello C, De Feo L, Hess B, Jalali A, Koziel B, LaMacchia B, Longa P et al. (2017) SIKE: supersingular isogeny key encapsulation. Submission to the NIST standardization process on post-quantum cryptography
Jao D, De Feo L (2011) Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. In: International Workshop on Post-Quantum Cryptography, pp. 19–34. Springer
Petzoldt A, Chen MS, Yang BY, Tao C, Ding J (2015) Design principles for HFEv- based multivariate signature schemes. In: Iwata T, Cheon JH (eds) Advances in Cryptology - ASIACRYPT 2015. Springer, Berlin Heidelberg, pp 311–334
Pritzker P, Gallagher PD (2014) SHA-3 standard: permutation-based hash and extendable-output functions. Information Technology Laboratory, National Institute of Standards and Technology, pp. 1–35
Rostovtsev A, Stolbunov A (2006) Public-key cryptosystem based on isogenies. Cryptology ePrint Archive, Report 2006/145. http://eprint.iacr.org/2006/145
Shor PW (1994) Algorithms for quantum computation: discrete logarithms and factoring. In: Proceedings of the 35th Annual Symposium on Foundations of Computer Science, pp. 124–134. IEEE
Taraskin O, Soukharev V, Jao D, LeGrow J (2018) An isogeny-based password-authenticated key establishment protocol. Cryptology ePrint Archive, Report 2018/886. https://eprint.iacr.org/2018/886
Terada S, Yoneyama K (2019) Password-Based Authenticated Key Exchange from Standard Isogeny Assumptions. In: International Conference on Provable Security, pp. 41–56. Springer
Xu X, Xue H, Wang K, Au MH, Tian S (2019) Strongly Secure Authenticated Key Exchange from Supersingular Isogenies. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 278–308. Springer
Acknowledgements
The authors would like to express their sincere gratitude to the editor and the anonymous reviewers for their valuable comments and work on this paper. This work was supported in part by the Natural Science Basic Research Program of Shaanxi Province of China under Grant 2021JQ-123, in part by the National Natural Science Foundation of China (No. 62074131), and in part by the Fundamental Research Funds for the Central Universities (No. 31020200QD011).
Cite this article
Qi, M., Chen, J. Authentication and key establishment protocol from supersingular isogeny for mobile environments. J Supercomput 78, 6371–6385 (2022). https://doi.org/10.1007/s11227-021-04121-8