A Novel Quantum Dragonfly Multi-Key Exchange Protocol beyond Conventional Attacks

Abstract

Dragonfly Key Exchange Protocol (DFKEP) is a kind of simple authentication key exchange protocol based on low-entropy shared password between two nodes, aiming to construct an efficient and secure scheme with better user experience for guarding security for internet era. Furthermore, DFKEP has been submitted to the Internet Engineering Task Force as a candidate standard for general internet use. Unfortunately, the original DFKEP has some flaws, such as vulnerable to off-line guessing attack and kinds of passive and active attacks. Combining quantum technology, this paper presents an enhanced DFKEP, called Quantum Dragonfly Multi-key Exchange Protocol (QDFMKEP), which can eliminate DFKEP’s flaws and output multiple session keys in one transaction. Moreover, compared with the former research AQKDPs (authenticated quantum key distribution protocols) and DFKEP, QDFMKEP has four merits: (1) the basis is dynamic against the long shared password revealed, (2) key agreement replaces key distribution for eliminating the server get the session key of the two users, (3) any user’s device need not store information for saving storage space and avoiding verification table leakage, and s/he only keep the password in her/his brain, (4) output multiple session keys. Compared with the related literatures recently, our proposed scheme can not only own high efficiency and unique functionality, but is also robust to various attacks and achieves perfect forward secrecy. Finally, we give the security proof and the comparison with the related works.