Inhomogeneous Small Integer Solution Research Articles

Quantum‐safe Lattice‐based mutual authentication and key‐exchange scheme for the smart grid

AbstractThe smart grid network (SGN) is expected to leverage advances in the Internet of Things (IoT) to enable effective delivery and monitoring of energy. By integrating communication, computing, and information tools like smart sensors and meters to facilitate the process of monitoring, predictions, and management of power usage, the SGN can improve competence of power‐grid architecture. However, the effective deployment of IoT‐powered SGNs hinges on the deployment of strong security protocols. With the advent of quantum computers, classic cryptographic algorithms based on integer factorization and the Diffie‐Hellman assumptions may not be suitable to secure the sensitive data of SGNs. Therefore, in this paper, a secure quantum‐safe mutual authentication and key‐exchange (MAKe) mechanism is proposed for SGNs, that make use of the hard assumptions of small integer solution and inhomogeneous small integer solution problems of lattice. The proposed protocol is intended to offer confidentiality, anonymity, and hashed‐based mutual authentication with a key‐exchange agreement. Similarly, this scheme allows creation and validation of the mutual trust among the smart‐meters (SMs) and neighbourhood‐area network gateway over an insecure wireless channel. A random oracle model is then used to perform the formal security analysis of the proposed approach. A thorough formal analysis demonstrates proposed algorithm's ability to withstand various known attacks. The performance analysis shows that the proposed approach outperforms other comparative schemes with respect to at least 22.07% of minimal energy utilization, 51.48% effective storage and communications costs, as well as 76.28% computational costs, and thus suitable for resource‐constrained SGNs.

Provably secure lightweight certificateless lattice‐based authenticated key exchange scheme for IIoT

SummaryThrough the Industrial Internet of Things (IIoT), the manufacturing enterprises have significantly enhanced the production efficiency. The transmission of data in IIoT over public channels has brought about information leakage issues. Therefore, it is crucial to agree on a session key among the participants. In recent years, numerous authenticated key exchange (AKE) schemes have been designed. However, those AKE schemes which adopt the certificateless approach to tackle certificate management and key escrow may remain vulnerable to quantum attacks, and other AKE schemes which are based on lattice hard problem so as to achieve the post quantum security may incur key management issues. To simultaneously address the aforementioned challenges, we propose a lightweight certificateless lattice‐based authenticated key exchange (C2LAKE) scheme. Upon the hardness assumptions of the inhomogeneous small integer solution (ISIS) and computational bilateral inhomogeneous small integer solution (CBi‐ISIS) problems, the C2LAKE scheme has been demonstrated to be secure in the eCK model and the random oracle model (ROM). Better trade‐off among security and functionality features, and communication and computation costs make the C2LAKE scheme suitable and applicable in the IIoT environment.

Certificateless threshold signature from lattice

Threshold signature has been widely used in electronic wills, electronic elections, cloud computing, secure multi-party computation and other fields. Until now, certificateless threshold signature schemes are all based on traditional mathematic theory, so they cannot resist quantum computing attacks. In view of this, we combine the advantages of lattice-based cryptosystem and certificateless cryptosystem to construct a certificateless threshold signature from lattice (LCLTS) that is efficient and resistant to quantum algorithm attacks. LCLTS has the threshold characteristics and can resist the quantum computing attacks, and the analysis shows that it is unforgeable against the adaptive Chosen-Message Attacks (UF-CMA) with the difficulty of Inhomogeneous Small Integer Solution (ISIS) problem. In addition, LCLTS solves the problems of the certificate management through key escrow.

Certificateless multi-source signcryption with lattice

Network coding can improve network transmission performance and reduce data transmission delay. However, the nodes in network are vulnerable to pollution attacks. Previous network coding schemes are based on difficult problems in number theory and cannot resist the quantum computing attacks. Hence, certificateless multi-source signcryption with lattice (LCL-MSSC) is devised for network coding, it uses common public key to verify the combination ciphertext from different source node users. Based on learning with errors and inhomogeneous small integer solution problems, LCL-MSSC is unforgeable under the adaptive chosen-message attacks and indistinguishable under the adaptive chosen-ciphertext attacks; in addition, it can resist the pollution attacks and quantum computing attacks. Efficient LCL-MSSC has broad application prospect in UAV wireless communication network, mobile wireless network, wireless sensor network or cyberspace security.

Attribute-based proxy re-signature from standard lattices and its applications

We introduce Attribute-based Proxy Re-Signatures (ABPRS), an extension of Proxy Re-Signatures (PRS), which allows a semi-trusted proxy to transform a signature of one entity into a signature of another, without revealing any signing key and information about the signer. The proposed primitive combines features of PRS and Attribute-based Signatures (ABS), which is useful for many applications (we show how to apply ABPRS to three such applications). We propose a unidirectional ABPRS construction based on the hardness of the Inhomogeneous Small Integer Solution (ISIS) problem in standard lattices. We show that the proposed unidirectional ABPRS construction is multi-hop, where the transformation can be performed multiple times on any signature. Furthermore, we prove that the proposed unidirectional ABPRS construction satisfies the security notion of no-signature-query unforgeability and (perfect) privacy, under the ISIS assumption. Finally, we show how to obtain a multi-hop unidirectional ABPRS scheme that satisfies a stronger security notion of co-selective unforgeability by using a generic transformation technique.

LAAC: Lightweight Lattice-Based Authentication and Access Control Protocol for E-Health Systems in IoT Environments

Over the past few years, the Internet of Things (IoT) has played a crucial role in designing e-health systems. An IoT-enabled e-health system allows different entities to examine a patient's health condition anywhere and anytime. However, the deployment of e-health systems in an IoT environment faces various security and privacy challenges. The authentication of participating entities, the confidentiality of information transferred through an insecure channel, and access control are essential issues to be resolved. To settle these challenges, we found many authentication protocols for e-health systems based on the discrete logarithm and integer factorization problems. However, quantum attacks expose all these protocols. In this article, we propose a lattice-based authentication and access control (LAAC) protocol for IoT-enabled e-health systems to mitigate the quantum attacks. We prove that LAAC is robust with the hardness assumption of the inhomogeneous small integer solution problem. Moreover, we provide provable security analysis of LAAC. Besides, performance evaluation shows it is reasonable to execute LAAC in an IoT device.

Provably secure identity-based two-party authenticated key agreement protocol based on CBi-ISIS and Bi-ISIS problems on lattices

The two-party authenticated key agreement (2PAKA) protocol establishes a secure channel over the Internet between two users. This secure channel helps to transfer messages between them in the presence of an adversary. The invention of Shor’s algorithms makes current 2PAKA protocols vulnerable to quantum attacks. To mitigate quantum attacks, we designed an identity-based two-party authenticated key agreement (LB-ID-2PAKA) protocol on a lattice L(B) of dimension n. Besides, to avoid the public key infrastructure (PKI), which is required for the authentication of the public keys of users, we use the identity-based cryptography (IBC) in our protocol. We analyzed that our proposed LB-ID-2PAKA protocol is provably secure with the hardness assumptions of the computational bilateral inhomogeneous small integer solution (CBi-ISIS) and bilateral small integer solution (Bi-SIS) problems. We also analyzed the computation and communication overheads of our LB-ID-2PAKA protocol and compared its performance with a related protocol. The comparison results demonstrate that our LB-ID-2PAKA protocol yields better performance and can be used in post-quantum environments.

Cryptanalysis of lattice-based key exchange on small integer solution problem and its improvement

Wang et al. introduced a new variant of small integer solution (SIS), namely, bilateral inhomogeneous small integer solution (Bi-ISIS) which is based on lattice cryptography, and constructed a Bi-ISIS-based key exchange (KE) protocol. In this paper, we indicate that Wang et al.’s Bi-ISIS-based KE protocol is not secure because a common shared key can be recovered directly by using linear algebraic methods. Furthermore, we analysis two simple variants of the Bi-ISIS-based KE and show that they are also insecure. To avoid the shared key attack, we present an improvement of the Bi-ISIS-based KE, whose security is reduced to the learning with error problem over modules (M-LWE).

A lattice-based changeable threshold multi-secret sharing scheme and its application to threshold cryptography

In this paper, we propose a threshold increasing algorithm for a (t; n) latticebased Threshold Multi-Stage Secret Sharing (TMSSS) scheme. To realize the changeability feature, we use the zero addition protocol to construct a new (t0; n) TMSSS scheme. Therefore, the new scheme enjoys the signi cant feature of threshold changeability along with the inherited features of being multi-stage, multi-use, and veri able derived fromour previously proposed lattice-based TMSSS scheme. Furthermore, we use the improved TMSSS scheme to propose a threshold decryption algorithm for the Learning With Error (LWE) based public key encryption scheme based on the study of Lindner and Peikert. For threshold decryption, each authorized subset of participants decrypts the ciphertext partially and sends the result to the combiner. The combiner can decrypt the ciphertext using the partial decryptions. The security of both schemes is based on hardness of lattice problems, i.e. LWE and Inhomogeneous Small Integer Solution (ISIS) problems, which are believed to resist against the quantum algorithms. The proposed schemes are eficient, especially on the participants' side, making them suitable for the applications in which the participants have limited processing capacities.

Cryptanalysis of Wang et al.’s lattice-based key exchange protocol

Summary Wang et al. proposed a new hard problem on lattices which is an extension of the small integer solution (SIS) on lattices. This new generated hard problem is named to be bilateral in-homogeneous small integer solution (Bi-ISIS). Using the hardness of Bi-ISIS, Wang et al. proposed a new key exchange protocol, which is based on the lattice-based cryptography. In this paper, we signalize that Wang et al.’s lattice-based key exchange protocol is vulnerable to an attack, namely, man-in-the-middle (MITM) attack. Through this attack, Eavesdropper can intercept the authenticated messages and communicate the unauthentic messages among the communicating parties.

Lattice-based key exchange on small integer solution problem

In this paper, we propose a new hard problem, called bilateral inhomogeneous small integer solution (Bi-ISIS), which can be seen as an extension of the small integer solution problem on lattices. The main idea is that, instead of choosing a rectangle matrix, we choose a square matrix with small rank to generate Bi-ISIS problem without affecting the hardness of the underlying SIS problem. Based on this new problem, we present two new hardness problems: computational Bi-ISIS and decisional problems. As a direct application of these problems, we construct a new lattice-based key exchange (KE) protocol, which is analogous to the classic Diffie- Hellman KE protocol. We prove the security of this protocol and show that it provides better security in case of worst-case hardness of lattice problems, relatively efficient implementations, and great simplicity.

A Lattice-Based Identity-Based Proxy Blind Signature Scheme in the Standard Model

A proxy blind signature scheme is a special form of blind signature which allowed a designated person called proxy signer to sign on behalf of original signers without knowing the content of the message. It combines the advantages of proxy signature and blind signature. Up to date, most proxy blind signature schemes rely on hard number theory problems, discrete logarithm, and bilinear pairings. Unfortunately, the above underlying number theory problems will be solvable in the postquantum era. Lattice-based cryptography is enjoying great interest these days, due to implementation simplicity and provable security reductions. Moreover, lattice-based cryptography is believed to be hard even for quantum computers. In this paper, we present a new identity-based proxy blind signature scheme from lattices without random oracles. The new scheme is proven to be strongly unforgeable under the standard hardness assumption of the short integer solution problem (SIS) and the inhomogeneous small integer solution problem (ISIS). Furthermore, the secret key size and the signature length of our scheme are invariant and much shorter than those of the previous lattice-based proxy blind signature schemes. To the best of our knowledge, our construction is the first short lattice-based identity-based proxy blind signature scheme in the standard model.

Hash Proof System Based on Lattice

We present a hash proof systems (HPS)based on hard lattice problems including learning with error (LWE) and inhomogeneous small integer solution (ISIS). Different from the HPS in past, ours is with error. That is to say, the deterministic private evaluation algorithm is not always equivalent to the deterministic public evaluation algorithm. The difference between them is one or zero. We also show how to construct a public-key encryption scheme which is semantically secure against key-leakage attacks in the standard model using our HPS based on lattice. Compared with previous cryptosystem based on lattice, our construction needs bigger public key space but fewer operations during encryption, and can resist quantum attacks because of the assumption on lattice problem.

Lattice‐based signcryption

SUMMARYSigncryption is a cryptographic primitive that performs simultaneously both the functions of digital signature and public‐key encryption, at a cost significantly lower than that required by the traditional signature‐ then‐encryption approach. In this paper, we provide a positive answer to the question of if it is possible to construct signcryption based on lattice problems. More precisely, we design an efficient signcryption scheme that can send a message of length l one time. We prove that the proposed scheme has the indistinguishability against adaptive chosen ciphertext attacks under the learning with errors assumption and strong unforgeability against adaptive chosen messages attacks under the inhomogeneous small integer solution assumption in the random oracle model. Copyright © 2012 John Wiley & Sons, Ltd.