Title: 主從式架構下基於晶格之通行碼認證金鑰交換協定之研究
Title (English): A study of password-based authenticated key exchange from lattices for client/server model
Author: 鄭逸修
Advisor: 左瑞麟
Keywords: password-based authenticated key exchange (PAKE); lattice; learning with errors (LWE) problem; key exchange protocol; mutual authentication; client/server model
Date: 2017
Upload time: 11-Jul-2017 11:56:08 (UTC+8)

Abstract (translated from the Chinese):
Password-based authenticated key exchange (PAKE) is a technique that lets two parties who wish to exchange messages authenticate each other and derive a shared key. The two communicating parties use a password they share as the basis for authentication, and once authentication completes they derive a secret session key known only to the two of them; when confidential information is transmitted later, this key is used to establish a secure communication channel. This thesis proposes a lattice-based password-authenticated key exchange protocol for the client/server model. The client only needs to keep the password shared with the server, while the server holds, in addition to the password, its own public/private key pair. The two parties authenticate each other through the shared password and complete authentication and key exchange within two steps. Its security rests on a hard problem of lattice-based cryptography, so that even if quantum computers appear in the future it can withstand attacks using their computing power, yielding a secure and efficient password-authenticated key agreement.

Abstract (English, as given in the record):
Password-based authenticated key exchange is a technology that allows both parties to perform mutual authentication and generate a shared session key. They use the shared password as the basis for authentication and generate a session key that is known only to the two parties. Finally, they can use this key to establish a secure channel to transmit secret messages. We propose a password-based authenticated key exchange from lattices for the client/server model. The client only needs to remember the password rather than a private key, while the server keeps the password and its own public/private key pair. Both parties execute mutual authentication via the shared password and accomplish the key exchange within two steps. The security of our protocol is based on the LWE problem for lattices, so it is secure even if an attacker uses a quantum computer.

Description: Master's thesis
Institution: National Chengchi University (國立政治大學)
Department: Department of Computer Science (資訊科學學系)
Student ID: 103753035
Source: http://thesis.lib.nccu.edu.tw/record/#G0103753035
Type: thesis
Identifier: G0103753035
URI: http://nccur.lib.nccu.edu.tw/handle/140.119/110836
Format: 1281914 bytes, application/pdf
Date available: 11-Jul-2017 11:56:08 (UTC+8)

Table of contents:
Acknowledgements
Abstract (Chinese)
Abstract
Table of Contents
List of Figures
List of Tables
Chapter 1 Introduction
  1.1 Research Background
  1.2 Organization
Chapter 2 Background Knowledge
  2.1 Lattice
  2.2 Learning with Error
  2.3 Ring Learning with Error
  2.4 NTRU Cryptosystem
    2.4.1 Initial Parameters Setting
    2.4.2 Key Generation
    2.4.3 Encryption
    2.4.4 Decryption
Chapter 3 Related Works
  3.1 Identity-based Password-Authenticated Key Exchange for Client/Server Model
    3.1.1 Protocol Execution
  3.2 Anonymous Authentication Scheme based on NTRU for the Protection of Payment Information in NFC Mobile Environment
    3.2.1 System Parameters Setting
    3.2.2 User Registration Phase
    3.2.3 User Identity Proof Phase
    3.2.4 Bank Identity Proof Phase
  3.3 Security Analysis of a NTRU-based Mutual Authentication Scheme
  3.4 A Simple Provably Secure Key Exchange Scheme Based on the Learning with Errors Problem
    3.4.1 Protocol Execution
  3.5 Authenticated Key Exchange from Ideal Lattices
    3.5.1 Protocol Execution
  3.6 Key Exchange
  3.7 Implicit Key Authentication vs. Explicit Key Authentication
Chapter 4 Proposed Scheme
  4.1 Architecture
    4.1.1 System Parameters Setting
    4.1.2 Protocol Execution
    4.1.3 Password Update
  4.2 Correctness
    4.2.1 Signal Functions
    4.2.2 Robust Extractors
Chapter 5 Security Analysis
  5.1 Oracle Definition
  5.2 Advantage of the Adversary
    5.2.1 Fresh Definition
    5.2.2 Succ Definition
  5.3 Experiment Definition
  5.4 NTRU
  5.5 Comparison with Related Works
Chapter 6 Experimental Results
Chapter 7 Conclusion
References