Abstract
Due to recent advancements in mobile and wireless technologies, many mobile-based applications have received greater attention. Users can use their mobile devices to access various web services via the Internet from any location at any time. Hence, security becomes a critical issue in wireless communications because of the open nature of the network. Over the last two decades, many researchers have proposed various authentication protocols for mobile devices to ensure safe communication. These protocols follow either two party architecture or three party architecture. Most of these protocols are based on discrete logarithms or integer factorization problems, which are solvable in polynomial time algorithms for quantum computers. As a result, authenticated key agreement (AKA) schemes based on factorization and discrete logarithms are not secure in post-quantum environments. Thus, analyzing and designing AKA schemes for the quantum environment is required. We propose two party authenticated key agreement scheme for mobile devices based on ring learning with error problems. The proposed AKA scheme security is based on hard lattice problems. The security of the proposed design is analyzed and proved in the random oracle model. Moreover, performance evaluation and comparative study are also done to understand the proposed design’s usefulness.
Similar content being viewed by others
Data availability
Data sharing is not applicable to this article as no new data were created or analyzed in this study.
References
Shor PW (1999) Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Rev 41(2):303–332
Chen L, Chen L, Jordan S, Liu YK, Moody D, Peralta R, Perlner RA, Smith-Tone D (2016) Report on post-quantum cryptography, vol 12. US Department of Commerce, National Institute of Standards and Technology
Bernstein DJ, Lange T (2017) Post-quantum cryptography. Nature 549(7671):188–194
Ayub MF, Shamshad S, Mahmood K, Islam SKH, Parizi RM, Choo KKR (2020) A provably secure two-factor authentication scheme for usb storage devices. IEEE Trans Consum Electron 66(4):396–405
Rafique F, Obaidat MS, Mahmood K, Ayub MF, Ferzund J, Chaudhry SA (2022) An efficient and provably secure certificateless protocol for industrial internet of things. IEEE Trans Industr Inf 18(11):8039–8046
Lyubashevsky V, Peikert C, Regev O (2010) On ideal lattices and learning with errors over rings. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 1–23. Springer
Ding J, Xie X, Lin X (2012) A simple provably secure key exchange scheme based on the learning with errors problem. Cryptology ePrint Archive
Zhang J, Zhang Z, Ding J, Snook M, Dagdelen Ö (2015) Authenticated key exchange from ideal lattices. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 719–751. Springer
Feng Q, He D, Zeadally S, Kumar N, Liang K (2018) Ideal lattice-based anonymous authentication protocol for mobile devices. IEEE Syst J 13(3):2775–2785
Dabra V, Bala A, Kumari S (2020) Lba-pake: Lattice-based anonymous password authenticated key exchange for mobile devices. IEEE Systems Journal
Islam SKH (2020) Provably secure two-party authenticated key agreement protocol for post-quantum environments. Journal of Information Security and Applications 52:102468
Dabra V, Bala A, Kumari S (2021) Flaw and amendment of a two-party authenticated key agreement protocol for post-quantum environments. Journal of Information Security and Applications 61:102889
Ding R, Cheng C, Qin Y (2022) Further analysis and improvements of a lattice-based anonymous pake scheme. IEEE Systems Journal
He D, Zeadally S, Kumar N, Wu W (2016) Efficient and anonymous mobile user authentication protocol using self-certified public key cryptography for multi-server architectures. IEEE Trans Inf Forensics Secur 11(9):2052–2064
Islam SKH, Obaidat MS, Amin R (2016) An anonymous and provably secure authentication scheme for mobile user. Int J Commun Syst 29(9):1529–1544
Dharminder D (2021) Lwedm: Learning with error based secure mobile digital rights management system. Transactions on Emerging Telecommunications Technologies 32(2):e4199
Ren P, Gu X (2022) Practical post-quantum password-authenticated key exchange based-on module-lattice. In Information Security and Cryptology–ICISC 2021: 24th International Conference, Seoul, South Korea, December 1–3, 2021, Revised Selected Papers, pages 137–156. Springer
Li Z, Wang D, Morais E (2020) Quantum-safe round-optimal password authentication for mobile devices. IEEE Transactions on Dependable and Secure Computing
Wang Q, Wang D, Cheng C, He D (2021) Quantum2fa: efficient quantum-resistant two-factor authentication scheme for mobile devices. IEEE Transactions on Dependable and Secure Computing
Dharminder D, Chandran KP (2020) Lwesm: learning with error based secure communication in mobile devices using fuzzy extractor. J Ambient Intell Humaniz Comput 11(10):4089–4100
Ding J, Alsayigh S, Lancrenon J, Rv S, Snook M (2017) Provably secure password authenticated key exchange based on rlwe for the post-quantum world. In Cryptographers’ Track at the RSA conference, pages 183–204. Springer
Gentry C, Peikert C, Vaikuntanathan V (2008) Trapdoors for hard lattices and new cryptographic constructions. In Proceedings of the Fortieth Annual ACM Symposium on Theory of Computing, pages 197–206
Micciancio D, Regev O (2007) Worst-case to average-case reductions based on gaussian measures. SIAM J Comput 37(1):267–302
Lyubashevsky V, Peikert C, Regev O (2013) On ideal lattices and learning with errors over rings. Journal of the ACM (JACM) 60(6):1–35
Shoup V (2004) Sequences of games: a tool for taming complexity in security proofs. Cryptology Eprint Archive
Microsoft (2006) Lattice cryptography library. https://github.com/b/LatticeCrypto
MIRACL Community (2018) Miracl cryptography library. https://github.com/miracl/MIRACL
Funding
Not applicable.
Author information
Authors and Affiliations
Contributions
The authors confirm contribution to the paper as follows: Analysis of Existing protocol security Bshisht Moony and Amit K. Barnwal; Designing the protocol: Bshisht Moony and Dheerendra Mishra; Discussion on protocol security: Amit K. Barnwal and Mrityunjay Singh;Defining Adversary model and Security Requirements: Mrityunjay Singh; Designing the proof and discussion on the proof of security: Dheerendra Mishra and Mrityunjay Singh; Implementing different Crypto Functions and their Computation cost analysis: Bshisht Moony and Mrityunjay Singh; Analysis of performance: Dheerendra Mishra; Comparative Study: Amit K. Barnwal; Wrote the main manuscript text: Bshisht Moony and Mrityunjay Singh. All authors reviewed the results and approved the final version of the manuscript.
Corresponding author
Ethics declarations
Ethics approval
Not applicable.
Conflict of interest
Author would like to report that they have no conflicts.
Consent to publish
All authors give their consent to publish.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This article is part of the Topical Collection: Special Issue on 2 - Track on Security and Privacy
Guest Editors: Rongxing Lu
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Moony, B., Barnwal, A.K., Singh, M. et al. Quantum secure two party authentication protocol for mobile devices. Peer-to-Peer Netw. Appl. 16, 2548–2559 (2023). https://doi.org/10.1007/s12083-023-01534-5
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12083-023-01534-5