Abstract

With the advent of large-scale social networks, two communicating users need to generate session keys with the help of a remote server to communicate securely. In the existing three-party authenticated key exchange (3PAKE) protocols, users’ passwords need to be stored on the server, so these protocols cannot resist the server disclosure attack. To solve this security problem, we propose a more efficient 3PAKE protocol based on the verification element by adopting a public-key cryptosystem and an approximate smooth projection hash (ASPH) function on an ideal lattice. Using a structure that separates authentication from the server, the users can negotiate the session key after only two rounds of communication. The analysis results show that the protocol can improve the efficiency of computation and communication and resist the server disclosure attack, quantum algorithm attack, and replay attack; moreover, it keeps the session key private from the server. This protocol can meet the performance requirements of the current communication network.

Highlights

  • In 1976, Diffie and Hellman [1] first proposed a key exchange (KE) protocol to generate a session key between two users and so realize the secure transmission of information in the channel, but they did not consider the identity authentication of the two users. Then, the authenticated key exchange (AKE) protocol was proposed based on the KE protocol.

  • With the emergence of large-scale user mutual communication, the implementation of the two-party authenticated key exchange (2PAKE) protocol increases the burden of user password management [2,3,4,5], and the 3PAKE protocol allows users to negotiate a session key with other users when they share a password with the server.

  • In 2021, Shu et al. [23] adopted the Peikert [24] error reconciliation mechanism and proposed a 3PAKE protocol based on the verification element on the ideal lattice; it reduces the space complexity, but it needs six rounds of communication to negotiate a session key and increases the communication overhead.


Summary

Introduction

In 1976, Diffie and Hellman [1] first proposed a key exchange (KE) protocol to generate a session key between two users and so realize the secure transmission of information in the channel, but they did not consider the identity authentication of the two users. Then, the authenticated key exchange (AKE) protocol was proposed based on the KE protocol. When the virus transmission server was captured, it had stored the IP addresses and weak account passwords of more than 2000 MSSQL servers and more than 600 phpMyAdmin servers. Against this type of server file disclosure attack, Kwon et al. [11] constructed the first 3PAKE protocol based on the verification element in 2007. In 2021, Shu et al. [23] adopted the Peikert [24] error reconciliation mechanism and proposed a 3PAKE protocol based on the verification element on the ideal lattice; it reduces the space complexity, but it needs six rounds of communication to negotiate a session key and increases the communication overhead. Using the approximate smooth projection hash function on the ideal lattice, each user needs to exchange information with the server only once to generate the session key.

Lattices
Approximate Smooth Projective Hash Function on
Security Model
Construction of Our Protocol
Security Analysis
Security Proof
Forward Security
Privacy of Session Key
Conclusion