A new lattice-based password authenticated key exchange scheme with anonymity and reusable key

Seyhan, Kübra; Akleylek, Sedat

doi:10.7717/peerj-cs.1791

Cited by 2 publications

(2 citation statements)

References 47 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Note that two other lattice-based PAKE schemes ( Dabra, Bala & Kumari, 2020 ; Ding, Cheng & Qin, 2022 ; Seyhan & Akleylek, 2024 ) for two-party mobile device security were proposed using different approaches, hardness, and additional properties. When we checked the proposals, no source code was given, and the results were not provided for all metrics, such as memory, CPU, and energy usage.…”

Section: Reference Implementation and Comparison Resultsmentioning

confidence: 99%

See 1 more Smart Citation

Password authenticated key exchange-based on Kyber for mobile devices

Seyhan,

Akleylek,

Dursun

2024

PeerJ Computer Science

Self Cite

View full text Add to dashboard Cite

In this article, a password-authenticated key exchange (PAKE) version of the National Institute of Standards and Technology (NIST) post-quantum cryptography (PQC) public-key encryption and key-establishment standard is constructed. We mainly focused on how the PAKE version of PQC standard Kyber with mobile compatibility can be obtained by using simple structured password components. In the design process, the conventional password-based authenticated key exchange (PAK) approach is updated under the module learning with errors (MLWE) assumptions to add password-based authentication. Thanks to the following PAK model, the proposed Kyber.PAKE provides explicit authentication and perfect forward secrecy (PFS). The resistance analysis against the password dictionary attack of Kyber.PAKE is examined by using random oracle model (ROM) assumptions. In the security analysis, the cumulative distribution function (CDF) Zipf (CDF-Zipf) model is also followed to provide realistic security examinations. According to the implementation results, Kyber.PAKE presents better run-time than lattice-based PAKE schemes with similar features, even if it contains complex key encapsulation mechanism (KEM) components. The comparison results show that the proposed PAKE scheme will come to the fore for the future security of mobile environments and other areas.

show abstract

Section: Reference Implementation and Comparison Resultsmentioning

confidence: 99%

“…The security-related examinations were done by following ROM definitions. In Seyhan & Akleylek (2024) , we also built a four-phase PAKE to achieve reusable key and anonymity features for mobile device-server communication model. In the security analysis, we followed RoR assumptions to prove the semantic security.…”

Section: Introductionmentioning

confidence: 99%