Password authenticated key exchange-based on Kyber for mobile devices
In this article, a password-authenticated key exchange (PAKE) version of the National Institute of Standards and Technology (NIST) post-quantum cryptography (PQC) public-key encryption and key-establishment standard is constructed. We mainly focused on how the PAKE version of PQC standard Kyber with...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
PeerJ Inc.
2024-03-01
|
| Series: | PeerJ Computer Science |
| Subjects: | |
| Online Access: | https://peerj.com/articles/cs-1960.pdf |
| _version_ | 1827300781930315776 |
|---|---|
| author | Kübra Seyhan Sedat Akleylek Ahmet Faruk Dursun |
| author_facet | Kübra Seyhan Sedat Akleylek Ahmet Faruk Dursun |
| author_sort | Kübra Seyhan |
| collection | DOAJ |
| description | In this article, a password-authenticated key exchange (PAKE) version of the National Institute of Standards and Technology (NIST) post-quantum cryptography (PQC) public-key encryption and key-establishment standard is constructed. We mainly focused on how the PAKE version of PQC standard Kyber with mobile compatibility can be obtained by using simple structured password components. In the design process, the conventional password-based authenticated key exchange (PAK) approach is updated under the module learning with errors (MLWE) assumptions to add password-based authentication. Thanks to the following PAK model, the proposed Kyber.PAKE provides explicit authentication and perfect forward secrecy (PFS). The resistance analysis against the password dictionary attack of Kyber.PAKE is examined by using random oracle model (ROM) assumptions. In the security analysis, the cumulative distribution function (CDF) Zipf (CDF-Zipf) model is also followed to provide realistic security examinations. According to the implementation results, Kyber.PAKE presents better run-time than lattice-based PAKE schemes with similar features, even if it contains complex key encapsulation mechanism (KEM) components. The comparison results show that the proposed PAKE scheme will come to the fore for the future security of mobile environments and other areas. |
| first_indexed | 2024-04-24T16:10:50Z |
| format | Article |
| id | doaj.art-3b15ded60be649f7bfed3f4216c36aa3 |
| institution | Directory Open Access Journal |
| issn | 2376-5992 |
| language | English |
| last_indexed | 2024-04-24T16:10:50Z |
| publishDate | 2024-03-01 |
| publisher | PeerJ Inc. |
| record_format | Article |
| series | PeerJ Computer Science |
| spelling | doaj.art-3b15ded60be649f7bfed3f4216c36aa32024-03-31T15:05:41ZengPeerJ Inc.PeerJ Computer Science2376-59922024-03-0110e196010.7717/peerj-cs.1960Password authenticated key exchange-based on Kyber for mobile devicesKübra Seyhan0Sedat Akleylek1Ahmet Faruk Dursun2Department of Computer Engineering, Ondokuz Mayis University Samsun, Samsun, TurkeyChair of Security and Theoretical Computer Science, University of Tartu, Tartu, EstoniaDepartment of Computer Engineering, Ondokuz Mayis University Samsun, Samsun, TurkeyIn this article, a password-authenticated key exchange (PAKE) version of the National Institute of Standards and Technology (NIST) post-quantum cryptography (PQC) public-key encryption and key-establishment standard is constructed. We mainly focused on how the PAKE version of PQC standard Kyber with mobile compatibility can be obtained by using simple structured password components. In the design process, the conventional password-based authenticated key exchange (PAK) approach is updated under the module learning with errors (MLWE) assumptions to add password-based authentication. Thanks to the following PAK model, the proposed Kyber.PAKE provides explicit authentication and perfect forward secrecy (PFS). The resistance analysis against the password dictionary attack of Kyber.PAKE is examined by using random oracle model (ROM) assumptions. In the security analysis, the cumulative distribution function (CDF) Zipf (CDF-Zipf) model is also followed to provide realistic security examinations. According to the implementation results, Kyber.PAKE presents better run-time than lattice-based PAKE schemes with similar features, even if it contains complex key encapsulation mechanism (KEM) components. The comparison results show that the proposed PAKE scheme will come to the fore for the future security of mobile environments and other areas.https://peerj.com/articles/cs-1960.pdfPost-quantum cryptographyPassword-based authenticated key exchangeLattice-based cryptography |
| spellingShingle | Kübra Seyhan Sedat Akleylek Ahmet Faruk Dursun Password authenticated key exchange-based on Kyber for mobile devices PeerJ Computer Science Post-quantum cryptography Password-based authenticated key exchange Lattice-based cryptography |
| title | Password authenticated key exchange-based on Kyber for mobile devices |
| title_full | Password authenticated key exchange-based on Kyber for mobile devices |
| title_fullStr | Password authenticated key exchange-based on Kyber for mobile devices |
| title_full_unstemmed | Password authenticated key exchange-based on Kyber for mobile devices |
| title_short | Password authenticated key exchange-based on Kyber for mobile devices |
| title_sort | password authenticated key exchange based on kyber for mobile devices |
| topic | Post-quantum cryptography Password-based authenticated key exchange Lattice-based cryptography |
| url | https://peerj.com/articles/cs-1960.pdf |
| work_keys_str_mv | AT kubraseyhan passwordauthenticatedkeyexchangebasedonkyberformobiledevices AT sedatakleylek passwordauthenticatedkeyexchangebasedonkyberformobiledevices AT ahmetfarukdursun passwordauthenticatedkeyexchangebasedonkyberformobiledevices |