A Simple Provably Secure AKE from the LWE Problem


1 A Simple Provably Secure AKE from the LWE Problem
Source: Mathematical Problems in Engineering, Volume 2017, April 2017
Authors: Limin Zhou and Fengju Lv
Speaker: Nguyen Ngoc Tu
Date: 2017/10/5

2 Introduction Key Exchange Protocol Alice Bob
Intercept: delete, modify, fabricate; corrupt: clients

3 Introduction Key Exchange Protocol Diffie–Hellman key exchange
Alice, Bob
D-H on a finite field (or finite cyclic groups)
Computational hardness assumption (discrete logarithm):

4 Introduction Key Exchange Protocol Diffie–Hellman key exchange
Alice, Bob
D-H on ECC
Computational hardness assumption:

5 Introduction Key Exchange Protocol
Peter W. Shor (1997): a quantum computer can solve the factorization problem and the discrete logarithm problem with quantum polynomial-time algorithms.
October 2015: Researchers at the University of New South Wales built a quantum logic gate in silicon for the first time.
May 2017: IBM announced that it has successfully built and tested its most powerful universal quantum computing processors, with a 16-qubit processor.
Diffie–Hellman key exchange, based on the factorization and discrete logarithm problems, becomes insecure in the next some years!
References:
P. W. Shor, "Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer," SIAM Journal on Computing, vol. 26, no. 5, pp. 1484–1509, 1997.
"World's First Silicon Quantum Logic Gate Brings Quantum Computing One Step Closer," 2015.
"IBM Builds Its Most Powerful Universal Quantum Computing Processors."

6 Introduction Key Exchange Protocol
New candidates of mathematical problems:
(1) Lattice-based cryptography
(2) Multivariate-based cryptography
(3) Hash-based signatures
(4) Code-based cryptography
(5) Supersingular elliptic curves-based cryptography

7 Outline
Introduction
Preliminaries
Proposed scheme
Conclusions

8 Preliminaries Lattice
Let be a set of linearly independent vectors. The lattice generated by is the set of linear combinations of with coefficients in Fundamental domain Contribution

9 Preliminaries Example

10 Preliminaries Discrete Gaussian Distribution (center at 0, variance t)
Sample the noise value

11 Preliminaries Learning with errors problem
Input: a secret vector
Sample output:
Select a vector uniformly at random
Select a random noise
Compute
Problem: Given at most polynomially many samples, find the secret vector.
It is believed that the problem belongs to the NP-hard class.
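The sampling procedure on this slide, written out as an added example (not from the paper or the presentation). It assumes the standard LWE form b = <a, s> + e mod q and uses a rounded Gaussian as a stand-in for the discrete Gaussian; the toy parameters (q = 12289, n = 8) and all function names are constructed for illustration. It also shows why the noise matters: without it, Gaussian elimination recovers the secret.

```python
import random

def lwe_samples(rng, s, q, m, sigma):
    """m samples (a, b) with b = <a, s> + e mod q; sigma=0 gives noiseless samples."""
    out = []
    for _ in range(m):
        a = [rng.randrange(q) for _ in s]               # a uniform in Z_q^n
        e = round(rng.gauss(0, sigma)) if sigma else 0  # rounded Gaussian noise (stand-in)
        out.append((a, (sum(x * y for x, y in zip(a, s)) + e) % q))
    return out

def centred_errors(samples, s, q):
    """With s known, b - <a, s> mod q lifted to (-q/2, q/2] is the small noise e."""
    errs = []
    for a, b in samples:
        d = (b - sum(x * y for x, y in zip(a, s))) % q
        errs.append(d - q if d > q // 2 else d)
    return errs

def solve_mod_q(samples, q):
    """Gauss-Jordan elimination mod prime q; returns the candidate secret vector."""
    n = len(samples[0][0])
    rows = [list(a) + [b] for a, b in samples]
    for col in range(n):
        # first remaining row with a nonzero entry in this column becomes the pivot
        piv = next(r for r in range(col, len(rows)) if rows[r][col])
        rows[col], rows[piv] = rows[piv], rows[col]
        inv = pow(rows[col][col], -1, q)                # modular inverse (q prime)
        rows[col] = [v * inv % q for v in rows[col]]
        for r in range(len(rows)):
            if r != col and rows[r][col]:
                f = rows[r][col]
                rows[r] = [(v - f * p) % q for v, p in zip(rows[r], rows[col])]
    return [row[n] for row in rows[:n]]

if __name__ == "__main__":
    rng = random.Random(2017)                           # constructed toy parameters
    q, n = 12289, 8
    s = [rng.randrange(q) for _ in range(n)]
    print("noiseless recovered:", solve_mod_q(lwe_samples(rng, s, q, 16, 0), q) == s)
    noisy = lwe_samples(rng, s, q, 16, 3.0)
    print("noisy recovered:", solve_mod_q(noisy, q) == s)
    print("noise values:", centred_errors(noisy, s, q))
```

At these toy sizes the secret is still easy to find by other means; the hardness claim on the slide concerns cryptographic dimensions.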

12 Preliminaries Notations

13 Proposed scheme Setup
the prime number
the dimension of the private vectors
the Gaussian parameter
the key derivation function
𝑠 𝐵

14 Proposed scheme Setup Secret key: Secret key: Public key:
Bob Alice Secret key: Secret key: Public key: Public key:

15 Proposed scheme Alice Bob Select Compute

16 Proposed scheme Alice Bob Select Compute

17 Proposed scheme Alice Bob with overwhelming probability

18 Performance comparison
Security comparisons
BR = Bellare and Rogaway model
[5] H. Krawczyk, "HMQV: a high-performance secure Diffie-Hellman protocol (extended abstract)," in Advances in Cryptology – CRYPTO 2005, vol of Lecture Notes in Computer Science, pp. 546–566, Springer, Berlin, Germany, 2005.
[7] B. LaMacchia, K. Lauter, and A. Mityagin, "Stronger security of authenticated key exchange," in Provable Security, vol of Lecture Notes in Computer Science, pp. 1–16, Springer, Berlin, Germany, 2007.
[18] J. W. Bos, C. Costello, M. Naehrig, and D. Stebila, "Post-quantum key exchange for the TLS protocol from the ring learning with errors problem," in Proceedings of the 36th IEEE Symposium on Security and Privacy (SP '15), pp. 553–570, San Jose, Calif, USA, May 2015.
[26] A. Fujioka, K. Suzuki, K. Xagawa, and K. Yoneyama, "Practical and post-quantum authenticated key exchange from one-way secure key encapsulation mechanism," in Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security (ASIA CCS '13), pp. 83–94, ACM, May 2013.
[27] A. Fujioka, K. Suzuki, K. Xagawa, and K. Yoneyama, "Strongly secure authenticated key exchange from factoring, codes, and lattices," Designs, Codes and Cryptography, vol. 76, no. 3, pp. 469–504, 2015.
[34] B. Ustaoglu, "Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS," Designs, Codes, and Cryptography, vol. 46, no. 3, pp. 329–342, 2008.
AAKE:

19 Conclusions
The security of the proposed AKE scheme is based solely on the LWE problem.
Provable security under the BR model.
Automated Validation of Internet Security Protocols and Applications.

