Efficient Password-Authenticated Key Exchange from RLWE Based on Asymmetric Key Consensus

Abstract

A password-authenticated key exchange (PAKE) protocol allows two entities sharing a password to perform mutual authentication and establish a session key. Benefiting from the use of a low-entropy human-memorable password, PAKE avoids the use of PKI in the authentication process, making it more flexible and cheaper. However, with the development of quantum computing, protocols based on classical assumptions will no longer be secure, so designing a PAKE protocol capable of resisting quantum attacks has become an important research direction. In this work, we propose an efficient PAKE protocol using a new error reconciliation mechanism based on the ring learning with errors (RLWE) problem, which is considered to resist quantum attacks. Our protocol is proven security under the Bellare-Pointcheval-Rogaway (BPR) model. The protocol is implemented using the C language, which is highly portable, and is also optimized utilizing the Advanced Vector Extensions 2 (AVX2) instruction set. Compared with the C implementation of Ding’s protocol, our reference C implementation is more than 12x faster, and the efficiency is doubled after AVX2 optimization. Moreover, by choosing the appropriate parameters, the security strength of our scheme is improved and the message size is reduced.