Abstract
Password-authenticated key exchange (PAKE) schemes are cryptographic schemes for securely establishing a shared session key between a client and a server communicating over an insecure channel using only a low-entropy password. In this paper, we propose a PAKE based on SIDH, where the password is used to derive a torsion-point obfuscator that is independent of the ephemeral keys. We analyze its security and prove that it is secure in the Bellare-Pointcheval-Rogaway (BPR) model, assuming the hardness of the supersingular isogeny computational Diffie-Hellman (SI-CDH) problem.
Notes
1. Note that in the original SIDH [9] and SIKE [13] proposals, the starting curve was proposed to be \(y^2 = x^3 + x\). However, it was later realised that this choice has some security issues, as the number of 2- and 3-isogenous curves (up to isomorphism) to this curve is smaller than ideal. As such, in the second-round submission to the NIST call for PQC standardization, the starting curve for SIKE was revised to \(y^2 = x^3 + 6x^2 + x\). The reader is referred to [13, Section 1.3.2] for more details.
References
Azarderakhsh, R., Jao, D., Koziel, B., LeGrow, J.T., Soukharev, V., Taraskin, O.: How not to create an isogeny-based PAKE. In: Conti, M., Zhou, J., Casalicchio, E., Spognardi, A. (eds.) ACNS 2020. LNCS, vol. 12146, pp. 169–186. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-57808-4_9
Bellovin, S.M., Merritt, M.: Encrypted key exchange: password-based protocols secure against dictionary attacks. In: IEEE Computer Society Symposium on Research in Security and Privacy, S&P 1992, pp. 72–84. IEEE (1992)
Bellovin, S.M., Merritt, M.: Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise. In: ACM Conference on Computer and Communications Security, CCS 1993, pp. 244–250. ACM (1993)
Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-45539-6_12
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-45539-6_11
Couveignes, J.-M.: Hard homogeneous spaces. IACR Cryptology ePrint Archive 2006/291 (1997). https://eprint.iacr.org/2006/291.pdf
Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44987-6_28
De Feo, L.: Mathematics of isogeny based cryptography. CoRR, abs/1711.04062 (2017). https://arxiv.org/pdf/1711.04062.pdf
De Feo, L., Jao, D., Plût, J.: Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. J. Math. Cryptol. 8(3), 209–247 (2014)
Galbraith, S.D.: Mathematics of Public Key Cryptography. Cambridge University Press, Cambridge (2012)
Galbraith, S.D., Vercauteren, F.: Computational problems in supersingular elliptic curve isogenies. Quantum Inf. Process. 17(10), 1–22 (2018). https://doi.org/10.1007/s11128-018-2023-6
Hao, F., Ryan, P.: J-PAKE: authenticated key exchange without PKI. In: Gavrilova, M.L., Tan, C.J.K., Moreno, E.D. (eds.) Transactions on Computational Science XI. LNCS, vol. 6480, pp. 192–206. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17697-5_10
Jao, D., et al.: SIKE: supersingular isogeny key encapsulation (2017). https://sike.org
Qi, M., Chen, J.: Authentication and key establishment protocol from supersingular isogeny for mobile environments. J. Supercomput. 78(5), 6371–6385 (2021). https://doi.org/10.1007/s11227-021-04121-8
Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5), 1484–1509 (1997)
Silverman, J.: The Arithmetic of Elliptic Curves. Graduate Texts in Mathematics, Springer, New York (2009)
Taraskin, O., Soukharev, V., Jao, D., LeGrow, J.T.: Towards isogeny-based password-authenticated key establishment. J. Math. Cryptol. 15(1), 18–30 (2021). https://doi.org/10.1515/jmc-2020-0071
Terada, S., Yoneyama, K.: Password-based authenticated key exchange from standard isogeny assumptions. In: Steinfeld, R., Yuen, T.H. (eds.) ProvSec 2019. LNCS, vol. 11821, pp. 41–56. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-31919-9_3
Urbanik, D., Jao, D.: SoK: the problem landscape of SIDH. In: Proceedings of the 5th ACM on ASIA Public-Key Cryptography Workshop, APKC 2018, pp. 53–60. ACM, New York (2018). https://doi.org/10.1145/3197507.3197516
© 2023 Springer Nature Switzerland AG
Prabowo, T.F., Tan, C.H. (2023). Provably Secure Password-Authenticated Key Exchange Based on SIDH. In: You, I., Youn, TY. (eds) Information Security Applications. WISA 2022. Lecture Notes in Computer Science, vol 13720. Springer, Cham. https://doi.org/10.1007/978-3-031-25659-2_2
DOI: https://doi.org/10.1007/978-3-031-25659-2_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-25658-5
Online ISBN: 978-3-031-25659-2
eBook Packages: Computer Science (R0)