Efficient shared-key authentication scheme from any weak pseudorandom function

Abstract

One of the most widely used shared-key authentication schemes today is a challenge-response scheme. In this scheme, a function such as a message authentication code or a symmetric encryption scheme plays an important role. To ensure the security, we need to assume that these functions are included in a certain kind of functions family, e.g., a pseudorandom functions family. For example, functions such as SHA1-HMAC, DES and AES often assumed as the pseudorandom functions. But unfortunately, nobody knows that these functions are really pseudorandom functions and if not, then the security of the challenge-response scheme is not ensured any more. The common way to reduce this kind of fear is to construct the shared-key authentication scheme which can be proven secure with a weaker assumption on these functions. In this paper, we show that a blind-challenge-response shared-key authentication scheme which is a simple modified version of the original challenge-response authentication scheme can be constructed from a weaker cryptographic assumption known as weak pseudorandom functions.