
Efficient authentication from hard learning problems

J. Cryptology, no. 4 (2017): 1238-1275


Abstract

We construct efficient authentication protocols and message-authentication codes (MACs) whose security can be reduced to the learning parity with noise (LPN) problem. Despite a large body of work - starting with the HB protocol of Hopper and Blum in 2001 - until now it was not even known how to construct an efficient authentication protoc...

Introduction
  • Authentication is among the most basic and important cryptographic tasks. In the present paper the authors construct efficient (secret-key) authentication schemes from the learning parity with noise (LPN) problem.
  • The authors build two efficient MACs, and get two-round authentication protocols secure against MIM attacks, from the LPN assumption.
Highlights
  • Authentication is among the most basic and important cryptographic tasks
  • The pursuit of learning parity with noise (LPN)-based authentication is motivated by two disjoint concerns, one theoretical and one practical
  • We provide new constructions of authentication protocols and even message authentication codes (MACs) from LPN
  • Our first contribution is a two-round authentication protocol which we prove secure against active attacks assuming the hardness of the LPN problem
  • An authentication protocol is secure against passive attacks, if there exists no probabilistic polynomial time (PPT) adversary A that can make the verifier return accept with non-negligible probability after observing any number of interactions between the verifier and prover
  • We prove that if the LPN problem is ε-hard, no adversary making Q queries can forge a MAC with probability more than Θ(√(ε · Q))
Results
  • The authors' first contribution is a two-round authentication protocol which the authors prove secure against active attacks assuming the hardness of the LPN problem.
  • In Section 4, the authors give two constructions of message authentication codes (MACs) that are secure assuming that the LPN problem is hard.
  • For MACs, the authors consider the communication one incurs by constructing a MIM secure 2-round protocol from the MAC by having the prover compute the tag on a random challenge message.
  • An authentication protocol is secure against passive attacks, if there exists no PPT adversary A that can make the verifier return accept with non-negligible probability after observing any number of interactions between the verifier and prover.
  • An authentication protocol is (t, Q, ε)-secure against active adversaries if every PPT A, running in time at most t and making Q queries to the honest prover, has probability at most ε to win the above game.
  • The authors describe the new 2-round authentication protocol and prove its active security under the hardness of the SLPN∗τ,2 ,d problem, where d = /(2+γ) for some constant γ > 0.
  • If the SLPN∗τ,2 ,d problem is (t, nQ, ε)-hard, the authentication protocol from Figure 4 is (t′, Q, ε′)-secure against active adversaries, where for constants cγ, cτ > 0 that depend only on γ and τ respectively, t′ = t − poly(Q, ) and ε′ = ε + Q · 2^(−cγ· ) + 2^(−cτ·n) = ε + 2^(−Θ(n)).
Conclusion
  • To turn this interactive protocol into a MAC, the authors will compute this v from the message m to be authenticated as v = C(h(m, b)), where h is a pairwise independent hash function, b ∈ Z_2^ν is some fresh randomness and C is some encoding scheme.
  • The idea is that in the reduction to the SLPN problem the authors define the function s(v) = A(v) · s ⊕ b(v) such that the following holds with non-negligible probability: (i) for each vi from the TAG queries, A(vi) has full rank and the tags can be simulated using the provided Γτ, , (s, ·, ·) oracle; (ii) for the first fresh forgery the authors have A(v) = 0 such that s(v) is independent of s and the reduction can check the forgery’s correctness.
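The two-round protocol and its MAC variant described above, as an added Python illustration that is not the paper's own construction: the verifier's challenge v selects which half of the secret bits the prover uses (so A(v) is a projection and b(v) = 0), the prover answers with noisy LPN samples under the derived secret s(v), and the verifier accepts if few parity checks fail; for the MAC, v = C(h(m, b)) is derived from the message and fresh randomness b. The response form (R, R·s(v) ⊕ e), the weight threshold, the hash h and the encoding C are simplifying assumptions of this example, not the paper's Figure 4, and the parameters are toy-sized.

```python
import hashlib
import random

# Toy parameters, constructed for illustration only; far too small for real security.
ELL = 16       # challenge v has weight ELL and selects ELL of the 2*ELL secret bits
N = 128        # number of LPN samples (parity checks) in one response
TAU = 0.125    # prover's Bernoulli noise rate
THRESH = 32    # verifier accepts if at most THRESH = 2*TAU*N parity checks fail
SYS_RNG = random.SystemRandom()   # real deployments need a CSPRNG; tests may seed a PRNG

def keygen(rng=SYS_RNG):
    """Shared secret s in {0,1}^{2*ELL}."""
    return [rng.randrange(2) for _ in range(2 * ELL)]

def random_challenge(rng=SYS_RNG):
    """Round 1: verifier picks v in {0,1}^{2*ELL} of Hamming weight exactly ELL."""
    v = [0] * (2 * ELL)
    for i in rng.sample(range(2 * ELL), ELL):
        v[i] = 1
    return v

def challenge_from_message(msg: bytes, b: bytes):
    """MAC variant: v = C(h(msg, b)). Assumed instantiation: h is SHA-256 over (b, msg)
    and C maps the digest to a weight-ELL vector by seeding the subset choice with it."""
    digest = hashlib.sha256(b + msg).digest()
    return random_challenge(random.Random(digest))

def derived_secret(s, v):
    """s(v) = A(v)·s with A(v) the projection onto the positions where v is 1."""
    return [s[i] for i in range(2 * ELL) if v[i]]

def parity(row, sv):
    return sum(r & x for r, x in zip(row, sv)) & 1

def prover_respond(s, v, rng=SYS_RNG, tau=TAU):
    """Round 2: N noisy LPN samples (R, R·s(v) xor e) under the derived secret."""
    sv = derived_secret(s, v)
    R = [[rng.randrange(2) for _ in range(ELL)] for _ in range(N)]
    z = [parity(R[j], sv) ^ (1 if rng.random() < tau else 0) for j in range(N)]
    return R, z

def verifier_accept(s, v, R, z):
    """Accept iff the response is close to the noiseless parities under s(v)."""
    sv = derived_secret(s, v)
    bad = sum(parity(R[j], sv) ^ z[j] for j in range(N))
    return bad <= THRESH

def mac_tag(s, msg: bytes, rng=SYS_RNG):
    b = bytes(rng.randrange(256) for _ in range(16))   # fresh randomness b
    R, z = prover_respond(s, challenge_from_message(msg, b), rng)
    return b, R, z

def mac_verify(s, msg: bytes, tag):
    b, R, z = tag
    return verifier_accept(s, challenge_from_message(msg, b), R, z)
```

A party that does not hold s answers each parity check correctly only with probability 1/2, so its responses land far above THRESH, while an honest prover's errors concentrate around TAU·N.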
References
  • The full version of this paper will be posted on the Cryptology ePrint Archive, http://eprint.iacr.org/
  • Agrawal, S., Boneh, D., Boyen, X.: Efficient lattice (H)IBE in the standard model. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 553–57. Springer, Heidelberg (2010)
  • Berlekamp, E., McEliece, R., van Tilborg, H.: On the inherent intractability of certain coding problems. IEEE Transactions on Information Theory 24(3), 384–386 (1978)
  • Blum, A., Furst, M.L., Kearns, M.J., Lipton, R.J.: Cryptographic primitives based on hard learning problems. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 278–291. Springer, Heidelberg (1994)
  • Blum, A., Kalai, A., Wasserman, H.: Noise-tolerant learning, the parity problem, and the statistical query model. In: 32nd ACM STOC, pp. 435–440. ACM Press, New York (May 2000)
  • Blum, A., Kalai, A., Wasserman, H.: Noise-tolerant learning, the parity problem, and the statistical query model. J. ACM 50(4), 506–519 (2003)
  • Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random oracles. In: Cachin, C., Camenisch, J. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223–238. Springer, Heidelberg (2004)
  • Boyen, X.: Lattice mixing and vanishing trapdoors: A framework for fully secure short signatures and more. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 499–517. Springer, Heidelberg (2010)
  • Bringer, J., Chabanne, H., Dottax, E.: HB++: a lightweight authentication protocol secure against some attacks. In: SecPerU, pp. 28–33 (2006)
  • Cramer, R., Damgård, I.: On the amortized complexity of zero-knowledge protocols. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 177–191. Springer, Heidelberg (2009)
  • Duc, D.N., Kim, K.: Securing HB+ against GRS man-in-the-middle attack. In: SCIS (2007)
  • Fischer, J.-B., Stern, J.: An efficient pseudo-random generator provably as secure as syndrome decoding. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 245–255. Springer, Heidelberg (1996)
  • Fürer, M.: Faster integer multiplication. SIAM J. Comput. 39(3), 979–1005 (2009)
  • Gilbert, H., Robshaw, M., Sibert, H.: An active attack against HB+ - a provably secure lightweight authentication protocol. Cryptology ePrint Archive, Report 2005/237 (2005), http://eprint.iacr.org/
  • Gilbert, H., Robshaw, M.J.B., Seurin, Y.: Good variants of HB+ are hard to find. In: Tsudik, G. (ed.) FC 2008. LNCS, vol. 5143, pp. 156–170. Springer, Heidelberg (2008)
  • Gilbert, H., Robshaw, M.J.B., Seurin, Y.: HB#: Increasing the security and efficiency of HB+. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 361–378. Springer, Heidelberg (2008)
  • Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. Journal of the ACM 33, 792–807 (1986)
  • Hopper, N.J., Blum, M.: Secure human identification protocols. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 52–66. Springer, Heidelberg (2001)
  • Juels, A., Weis, S.A.: Authenticating pervasive devices with human protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)
  • Katz, J., Shin, J.S.: Parallel and concurrent security of the HB and HB+ protocols. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 73–87. Springer, Heidelberg (2006)
  • Katz, J., Shin, J.S., Smith, A.: Parallel and concurrent security of the HB and HB+ protocols. Journal of Cryptology 23(3), 402–421 (2010)
  • Kearns, M.J.: Efficient noise-tolerant learning from statistical queries. J. ACM 45(6), 983–1006 (1998)
  • Levieil, É., Fouque, P.-A.: An improved LPN algorithm. In: De Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 348–359. Springer, Heidelberg (2006)
  • Munilla, J., Peinado, A.: HB-MP: A further step in the HB-family of lightweight authentication protocols. Computer Networks 51(9), 2262–2267 (2007)
  • Ouafi, K., Overbeck, R., Vaudenay, S.: On the security of HB# against a man-in-the-middle attack. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 108–124. Springer, Heidelberg (2008)
  • Pietrzak, K.: Subspace LWE (2010) (manuscript), http://homepages.cwi.nl/~pietrzak/publications/SLWE.pdf
  • Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Gabow, H.N., Fagin, R. (eds.) 37th ACM STOC, pp. 84–93. ACM Press, New York (2005)
  • Schönhage, A., Strassen, V.: Schnelle Multiplikation grosser Zahlen. Computing 7 (1971)
  • Van De Graaf, J.: Towards a formal definition of security for quantum protocols. PhD thesis, Montreal, P.Q., Canada, AAINQ35648 (1998)
  • Waters, B.R.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005)
  • Watrous, J.: Zero-knowledge against quantum attacks. SIAM J. Comput. 39(1), 25–58 (2009)