Two-factor ( biometric and password) authentication key exchange on lattice based on key consensus

doi:10.19682/j.cnki.1005-8885.2020.0045

中国邮电高校学报(英文) ›› 2020, Vol. 27 ›› Issue (6): 42-53.doi: 10.19682/j.cnki.1005-8885.2020.0045

Two-factor ( biometric and password) authentication key exchange on lattice based on key consensus

赵宗渠马少提王永军汤永利叶青

1. 河南理工大学计算机科学与技术学院
2. 河南理工大学

收稿日期:2020-08-17 修回日期:2020-12-01 出版日期:2020-12-31 发布日期:2020-12-31
通讯作者: 叶青 E-mail:yeqing@hpu.edu.cn
基金资助:
河南省高校科技创新团队支持计划;河南省重点研发与推广专项(科技攻关)项目;“河南省网络密码技术重点实验室”开放课题;国家自然科学基金;河南省高等学校重点科研项目

Two-factor ( biometric and password) authentication key exchange on lattice based on key consensus

Zhao Zongqu, Ma Shaoti, Wang Yongjun, Tang Yongli, Ye Qing

Received:2020-08-17 Revised:2020-12-01 Online:2020-12-31 Published:2020-12-31
Supported by:
Support Plan of Scientific and Technological Innovation Team in Universities of Henan Province;Scientific and Technological Project of Henan province;Henan Key Laboratory of Network Cryptography Technology;The National Natural Science Fund;Key scientific research projects of universities in Henan Province

摘要/Abstract

摘要：

In the post-quantum era, the password-based authentication key exchange (PAKE) protocol on lattice has the

characteristics of convenience and high efficiency, however these protocols cannot resist online dictionary attack that is a common method used by attackers. A lattice-based two-factor ( biometric and password) authentication key exchange (TFAKE) protocol based on key consensus (KC) is proposed. The protocol encapsulates the hash value of biometric information and password through a splittable encryption method, and compares the decapsulated information with the server's stored value to achieve the dual identity authentication. Then the protocol utilizes the asymmetric hash structure to simplify the calculation steps, which increases the calculation efficiency. Moreover, KC algorithm is employed in reducing data transmission overhead. Compared with the current PAKE protocol, the proposed protocol has the characteristics of hybrid authentication and resisting online dictionary attack. And it reduces the number of communication rounds and improves the efficiency and the security of protocol application.

关键词: KC, biometric, key exchange, password

Abstract:

In the post-quantum era, the password-based authentication key exchange (PAKE) protocol on lattice has the

Key words: KC, biometric, key exchange, password

中图分类号:

TP309

Zhao Zongqu, Ma Shaoti, Wang Yongjun, Tang Yongli, Ye Qing. Two-factor ( biometric and password) authentication key exchange on lattice based on key consensus[J]. The Journal of China Universities of Posts and Telecommunications, 2020, 27(6): 42-53.

参考文献

1. Bellovin S M, Merritt M. Encrypted key exchange: Password-based protocols secure against dictionary attacks. Proceedings of the 1992 IEEE Computer Society Symposium on Research in Security and Privacy, 1992, May 4-6, Oakland, CA, USA. Piscataway, NJ, USA: IEEE, 1992: 72-84

2. Katz J, Ostrovsky R, Yung M. Efficient password-authenticated key exchange using human-memorable password. Advances in Cryptology: Proceedings of the 2001 International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT'01), 2001, May 6-10, Innsbruck, Austria. LNCS 2045. Berlin, Germany: Springer, 2001: 475-494

3. Shor P W. Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Review, 1999, 41(2): 303-332

4. Crame R, Shoup V. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. Advances in Cryptology: Proceedings of the 2002 International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT'02), 2002, Apr 28-May 2, Amsterdam, The Netherlands. LNCS 2332. Berlin, Germany: Springer, 2002: 45-64

5. Katz J, Vaikuntanathan V. Smooth projective hashing and password-based authenticated key exchange from lattices. Advances in Cryptology: Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT'09), 2009, Dec 6-10, Tokyo, Japan. LNCS 5912. Berlin, Germany: Springer, 2009: 636-652

6. Regev O. On lattices, learning with errors, random linear codes, and cryptography. Proceedings of the 37th annual ACM symposium on Theory of Computing (STOC'05), 2005, May 22-24, Baltimore, MD, USA. New York, NY, USA: ACM, 2005: 84-93

7. Gennaro R, Lindell Y. A framework for password-based authenticated key exchange. ACM Trans on Information and System Security, 2006, 9(2): 181-234

8. Ding Y, Fa L. Efficient password-based authenticated key exchange from lattices. Proceedings of the 7th International Conference on Computational Intelligence and Security, 2011, Dec 3-4, Sanya, China. Piscataway, NJ, USA: IEEE, 2011: 934-938

9. Groce A, Katz J. A new framework for efficient password-based authenticated key exchange. Proceedings of the 17th ACM conference on Computer and communications security (CCS'10), 2010, Oct 4-8, Chicago, IL, USA. New York, NY, USA: ACM, 2010: 516-525

10. Katz J, Vaikuntanathan V. Round-optimal password-based authenticated key exchange. Journal of Cryptology, 2013, 26(4): 714-743

11. Peikert C. Lattice cryptography for the Internet. Post-Quantum Cryptography: Proceedings of the 6th International Workshop (PQCrypto'14), 2014, Oct 1-3, Waterloo, Canada. LNCS 8772. Berlin, Germany: Springer, 2014: 197-219

12. Jin Z Z, Zhao Y L. Optimal key consensus in presence of noise. ArXiv: 1611.06150, 2016

13. Zhang J, Yu Y. Two-round PAKE from approximate SPH and instantiations from lattices. Advances in Cryptology: Proceedings of the 23rd International Conference on the Theory and Applications of Cryptology and Information Security (ASIACRYPT'17), 2017, Dec 3-7, Hong Kong, China. LNCS 10626. Berlin, Germany: Springer, 2017: 37-67

14. Islam S H. Provably secure two-party authenticated key agreement protocol for post-quantum environments. Journal of Information Security and Applications, 2020, 52: 102468/1-8

15. Pokkathayil J G, Rajmane T, Mhatre R, et al. Defences to curb online password guessing attacks. International Journal of Advanced Research in Computer and Communication Engineering, 2015, 4(2): 17-183

16. Kolesnikov V, Rackoff C. Password mistyping in two-factor authenticated key exchange. Automata, Languages and Programming: Proceedings of the 35th International Colloquium on Automata, Languages and Programming (ICALP'08), 2008, Jul 7-11, Reykjavik, Iceland. LNCS 5126. Berlin, Germany: Springer, 2008: 702-714

17. Griffin P H. Biometric knowledge extraction for multi-factor authentication and key exchange. Procedia Computer Science, 2015, 61: 66-71

18. Nguyen N T, Chang C C. Untraceable biometric-based three-party authenticated key exchange for dynamic systems. Peer to Peer Networking and Applications, 2017, 11(3): 1-20

19. Nag S, Banerjee S, Sen S. A new three party authenticated key agreement protocol which is defiant towards password guessing attack. Proceedings of the 2019 International Conference on Automation, Computational and Technology Management (ICACTM'19), 2019, Apr 24-26, London, UK. Piscataway, NJ, USA: IEEE, 2019: 13-18

20. Jin A T B, Ling D N C, Goh A. Biohashing: Two factor authentication featuring fingerprint data and tokenised random number. Pattern Recognition, 2004, 37(11): 2245-2255

21. Lumini A, Nanni L. An improved BioHashing for human authentication. Pattern Recognition, 2007, 40(3): 1057-1065

22. Lu Y R, Xu G Q, Li L X et al. Anonymous three-factor authenticated key agreement for wireless sensor networks. Wireless Networks, 2019, 25(4): 1461-1475

23. Das A K. A secure and effective biometric-based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor. International Journal of Communication Systems, 2017, 30(1): e2933/1-25

24. Bellare M, Pointcheval D, Rogaway P. Authenticated key exchange secure against dictionary attacks. Advances in Cryptology: Proceedings of the 2000 International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT'00), 2000, May 14-18, Bruges, Belgium. LNCS 1807. Berlin, Germany: Springer, 2000: 139-155

[1]	孟慧任利娜赵宗渠. Identity-based proxy re-encryption scheme from RLWE assumption with ciphertext evolution[J]. 中国邮电高校学报(英文版), 2023, 30(5): 51-60.
[2]	Peng Weiping, Cui Shuang, Song Cheng, Han Ning. Enhanced secure medical data sharing with traceable and direct revocation[J]. 中国邮电高校学报(英文版), 2023, 30(1): 66-79.
[3]	Han Yushan, Che Bichen, Liu Jiali, Dou Zhao, Di Junyu. Nearly universal and efficient quantum secure multi-party computation protocol[J]. 中国邮电高校学报(英文版), 2022, 29(4): 51-68.
[4]	Han Gang, Xing Qixuan, Zhang Yinghui. Fine-grained cooperative access control scheme with hidden policies[J]. 中国邮电高校学报(英文版), 2021, 28(6): 13-25.
[5]	Tao Yunting, Kong Fanyu, Yu Jia. EPMDA: an efficient privacy-preserving multi-dimensional data aggregation scheme for edge computing-based IoT system [J]. 中国邮电高校学报(英文版), 2021, 28(6): 26-35.
[6]	Xu Yan, Li Zheng, Ding Long, Xu Rui. Cross-domain data cloud storage auditing scheme based on certificateless cryptography [J]. 中国邮电高校学报(英文版), 2021, 28(6): 36-47.
[7]	赵国生张婧婷王健. Research on location privacy protection method of sensor-cloud base station [J]. 中国邮电高校学报(英文版), 2021, 28(1): 64-77.
[8]	林杰刘川意方滨兴. VMScan: an out-of-VM malware scanner [J]. 中国邮电高校学报(英文版), 2020, 27(4): 59-68.
[9]	Tang Yongli, Wang Mingming, Ye Qing, Qin Panke, Zhao Zongqu. Lattice-based hierarchical identity-based broadcast encryption scheme in the standard model[J]. 中国邮电高校学报(英文版), 2019, 26(4): 70-79.
[10]	Cai Xiumei, Liu Chao, Huang Xianying, Liu Xiaoyang, Cao Qiong, Yang Hongyu. Dynamic model of computer viruses under the effect of removable media and external computers[J]. 中国邮电高校学报(英文版), 2018, 25(4): 86-93.
[11]	Min Xiangshen, Fan Jiulun, Zhang Xuefeng, Ren Fang. Color image encryption scheme based on chaotic systems[J]. 中国邮电高校学报(英文版), 2018, 25(2): 39-48.
[12]	Ding Haiyang, Li Zichen, Bi Wei. (k, n) halftone visual cryptography based on Shamir‘s secret sharing[J]. 中国邮电高校学报(英文版), 2018, 25(2): 60-76.
[13]	Chen Shangdi, Wen Jiejing. New key pre-distribution scheme using symplectic geometry over finite fields for wireless sensor networks[J]. 中国邮电高校学报(英文版), 2017, 24(5): 16-22.
[14]	谢佳胡予濮高军涛高雯李雪莲. Attribute-based signatures on lattices[J]. 中国邮电高校学报(英文版), 2016, 23(4): 83-90.
[15]	冯超辛阳. Fast key generation for Gentry-style homomorphic encryption[J]. Acta Metallurgica Sinica(English letters), 2014, 21(6): 37-44.

Two-factor ( biometric and password) authentication key exchange on lattice based on key consensus

Two-factor ( biometric and password) authentication key exchange on lattice based on key consensus

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价