Lattice-Based Round-Optimal Password Authenticated Secret Sharing Protocol

doi:10.3969/j.issn.1671-1122.2024.06.011

Abstract

Abstract:

The combination of password authentication and secret sharing in Password-Protected Secret Sharing (PPSS) schemes presents a distributed solution that aligns with practical user needs. This protocol allows a user to share secrets among multiple servers, only requiring the memorization of a short password for subsequent simultaneous authentication and secret reconstruction. The security ensures that as long as the adversary does not corrupt servers beyond a threshold, it cannot reveal any information related to password or the secrets from the protocol.The PPSS schemes were initially based on discrete-log-hardness assumptions and their variants, making them vulnerable to quantum attacks. Finding a quantum-secure construction has thus become an urgent problem to address. Roy et al. introduced a quantum-secure construction against malicious adversaries, but its communication rounds are not optimal and even not be constant in the presence of malicious adversaries. Addressing the issue of optimizing protocol rounds, this paper firstly introduced a lattice-based quantum-secure construction with optimal rounds, using a Verifiable Oblivious Pseudorandom Function (V-OPRF) primitive and then rigorously proved security of the protocol. Furthermore, the protocol ensured that in scenarios with a majority of honest servers, an honest user will always successfully reconstruct the correct secret within the optimal number of rounds, demonstrating strong robustness.

Key words: password authentication, secret sharing, post-quantum cryptography, verifiable oblivious pseudorandom function

CLC Number:

TP309

HU Chengcong, HU Honggang. Lattice-Based Round-Optimal Password Authenticated Secret Sharing Protocol[J]. Netinfo Security, 2024, 24(6): 937-947.

References 20

[1]	GU Xiaoyu. Apple Steps in to Investigate Hollywood Celebrity Photo Scandal; iCloud Suspected of Being Hacked[EB/OL]. (2014-09-03)[2024-03-14]. http://it.people.com.cn/n/2014/0903/c1009-25596161.html.
	古晓宇. 苹果介入调查好莱坞艳照门 iCloud被指遭攻击[EB/OL]. (2014-09-03)[2024-03-14]. http://it.people.com.cn/n/2014/0903/c1009-25596161.html.
[2]	Apple. Report: 2.6 Billion Personal Records Compromised by Data Breaches in Past Two Years—Underscoring Need for End-to-End Encryption[EB/OL]. (2023-12-07)[2024-03-14]. https://www.apple.com/newsroom/2023/12/report-2-point-6-billion-records-compromised-by-data-breaches-in-past-two-years/.
[3]	SHAMIR A. How to Share a Secret[J]. Communications of the ACM, 1979, 22(11): 612-613.
[4]	BAGHERZANDI A, JARECKI S, SAXENA N, et al. Password-Protected Secret Sharing[C]// ACM. Proceedings of the 18th ACM Conference on Computer and Communications Security. New York: ACM, 2011: 433-444.
[5]	CAMENISCH J, LEHMANN A, LYSYANSKAYA A, et al. Memento: How to Reconstruct Your Secrets from a Single Password in a Hostile Environment[C]// Springer. Advances in Cryptology-CRYPTO 2014: 34th Annual Cryptology Conference. Heidelberg: Springer, 2014: 256-275.
[6]	JARECKI S, KIAYIAS A, KRAWCZYK H, et al. TOPPSS: Cost-Minimal Password-Protected Secret Sharing Based on Threshold OPRF[C]// Springer. Applied Cryptography and Network Security:15th International Conference(ACNS 2017). Heidelberg: Springer, 2017: 39-58.
[7]	DAS P, HESSE J, LEHMANN A. DPaSE: Distributed Password-Authenticated Symmetric-Key Encryption, or How to Get Many Keys from One Password[C]// ACM. Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security. New York: ACM, 2022: 682-696.
[8]	MACKENZIE P, SHRIMPTON T, JAKOBSSON M. Threshold Password-Authenticated Key Exchange[C]// Springer. Annual International Cryptology Conference. Heidelberg: Springer, 2002: 385-400.
[9]	DI RAIMONDO M, GENNARO R. Provably Secure Threshold Password-Authenticated Key Exchange[C]// Springer. Advances in Cryptology—EUROCRYPT 2003:International Conference on the Theory and Applications of Cryptographic Techniques. Heidelberg: Springer, 2003: 507-523.
[10]	ABDALLA M, CHEVASSUT O, FOUQUE P A, et al. A Simple Threshold Authenticated Key Exchange from Short Secrets[C]// Springer. Advances in Cryptology-ASIACRYPT 2005: 11th International Conference on the Theory and Application of Cryptology and Information Security. Heidelberg: Springer, 2005: 566-584.
[11]	JARECKI S, KIAYIAS A, KRAWCZYK H. Round-Optimal Password-Protected Secret Sharing and T-PAKE in the Password-Only Model[C]// Springer. Advances in Cryptology-ASIACRYPT 2014: 20th International Conference on the Theory and Application of Cryptology and Information Security. Heidelberg: Springer, 2014: 233-253.
[12]	CAMENISCH J, LYSYANSKAYA A, NEVEN G. Practical Yet Universally Composable Two-Server Password-Authenticated Secret Sharing[C]// ACM. Proceedings of the 2012 ACM Conference on Computer and Communications Security. New York: ACM, 2012: 525-536.
[13]	KATZ J, MACKENZIE P, TABAN G, et al. Two-Server Password-Only Authenticated Key Exchange[C]// Springer. Applied Cryptography and Network Security: Third International Conference(ACNS 2005). Heidelberg: Springer, 2005: 1-16.
[14]	ABDALLA M, FOUQUE P A, POINTCHEVAL D. Password-Based Authenticated Key Exchange in the Three-Party Setting[C]// Springer. Public Key Cryptography-PKC 2005: 8th International Workshop on Theory and Practice in Public Key Cryptography. Heidelberg: Springer, 2005: 65-84.
[15]	JARECKI S, KIAYIAS A, KRAWCZYK H, et al. Highly-Efficient and Composable Password-Protected Secret Sharing (or: How to Protect Your Bitcoin Wallet Online)[C]// IEEE. 2016 IEEE European Symposium on Security and Privacy (EuroS&P). New York: IEEE, 2016: 276-291.
[16]	ROY P S, DUTTA S, SUSILO W, et al. Password Protected Secret Sharing from Lattices[C]// Springer. International Conference on Applied Cryptography and Network Security. Heidelberg: Springer, 2021: 442-459.
[17]	ALBRECHT M R, DAVIDSON A, DEO A, et al. Round-Optimal Verifiable Oblivious Pseudorandom Functions from Ideal Lattices[C]// Springer. IACR International Conference on Public-Key Cryptography. Heidelberg: Springer, 2021: 261-289.
[18]	FREEDMAN M J, ISHAI Y, PINKAS B, et al. Keyword Search and Oblivious Pseudorandom Functions[C]// Springer. Theory of Cryptography:Second Theory of Cryptography Conference(TCC 2005). Heidelberg: Springer, 2005: 303-324.
[19]	DI CRESCENZO G, ISHAI Y, OSTROVSKY R. Non-Interactive and Non-Malleable Commitment[C]// ACM. Proceedings of the Thirtieth Annual ACM Symposium on Theory of Computing. New York: ACM, 1998: 141-150.
[20]	BANERJEE A, PEIKERT C. New and Improved Key-Homomorphic Pseudorandom Functions[C]// Springer. Advances in Cryptology-CRYPTO 2014: 34th Annual Cryptology Conference. Heidelberg: Springer, 2014: 353-370.