摘要： 基于标准格的密钥协商协议具有较长的密钥长度和较高的密文扩张率,且格的表示方式需要较大的空间,而理想格具有密钥长度短和运行效率高等优点。因此,结合环上误差学习问题,提出基于理想格的用户匿名口令认证密钥协商协议。使用低熵的口令,通过服务器实现相互认证和共享会话密钥,以避免在身份认证过程中用户长期密钥的存储安全受到威胁。分析结果表明,与传统的2PAKE和3PAKE协议相比,该协议具有较高的效率和较短的密钥长度,能够抵抗量子攻击,适用于大规模网络通信。

关键词: 理想格, 可证明安全, 口令认证, 密钥协商, 环上误差学习问题

Abstract: The key agreement protocol based on standard lattice has longer key and higher ciphertext expansion rate,and the way of lattice representation needs larger space,while the ideal lattice has shorter key length and higher running efficiency.Therefore,combined with Ring Learning with Error(RLWE) problem,an anonymous password authentication key agreement protocol based on the ideal lattice is proposed.Users use low entropy passwords to authenticate and share session keys through servers,so as to avoid users’ long-term key security being threatened in the process of identity authentication.The analysis results show that,compared with the traditional 2PAKE and 3PAKE protocols,the proposed protocol has higher efficiency and shorter key length,which can resist quantum attacks and is suitable for large-scale network communication.

Key words: ideal lattice, provably secure, password authentication, key agreement, Ring Learning with Error(RLWE) problem

中图分类号: 

• TP309