Abstract

Password-based authentication is the dominant form of access control and is likely to keep its status in the foreseeable future. Password authenticated key exchange (PAKE) protocols enable two parties to exchange a session key during password-based authentication over an insecure channel. To resist password compromise at the server-side, passwords are recommended to be stored in a salted hash form. However, conventional password hashing functions (e.g., PBKDF2, bcrypt, and scrypt) only support PAKE protocols based on specific number-theoretic assumptions, which can only be proved secure in the random oracle model, and the communication rounds are generally high. Furthermore, they demand a large memory size, i.e., the output is of length łinebreak 32 bytes. To address these issues, several password hashing schemes based on discrete-logarithm assumptions, e.g., Benhamouda and Pointceva (IACR ePrint2013/833), Kiefer and Manulis (ESORICS14), and Pointcheval and Wang (ASIACCS17), have been proposed to be integrated with a smooth projective hash function (SPHF), but they are not secure in the coming quantum era and only can be proved security in the random oracle model. In this work, we focus on the question of how to design an efficient password hashing scheme that can be integrated into quantum-resistant SPHF-based PAKE while being secure in the standard model (but not the random oracle model). Following the research line of Kiefer and Manulis (ESORICS14), we design three new types of lattice-based password hashing schemes based on homomorphic commitment schemes with provable security in the standard model. We show that they can be efficiently integrated with SPHFs to obtain low-interactive PAKE protocols. Although the proposed scheme is not ready to be deployed in practice, it is an important step for the quantum-resistant password-based authentication and authenticated key exchange.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.