A Secure Remote Password Protocol From The Learning With Errors Problem
- URL: http://arxiv.org/abs/2501.07208v1
- Date: Mon, 13 Jan 2025 11:01:50 GMT
- Title: A Secure Remote Password Protocol From The Learning With Errors Problem
- Authors: Huapeng Li, Baocheng Wang
- Abstract summary: We propose a post-quantum SRP protocol from the learning with errors (LWE) problem. We give rigorous proof and analyses on the correctness and security of the scheme.
- Score: 0.045285281911950165
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The Secure Remote Password (SRP) protocol is an augmented password-authenticated key exchange (PAKE) protocol whose security rests on the discrete logarithm problem (DLP). It is designed to derive a session key from a password and is widely deployed because of its attractive security properties. In SRP the server stores no data from which the password can be read off directly: it keeps only a salted verifier derived from the password, so an attacker who compromises the server cannot impersonate the client without first recovering the password by a brute-force (dictionary) search against that verifier. However, advances in quantum computing potentially render classical DLP-based public-key schemes, SRP included, insecure, so a quantum-resistant SRP protocol is needed. In this paper, starting from the original scheme, we propose a post-quantum SRP protocol based on the learning with errors (LWE) problem, and we give rigorous proofs and analyses of its correctness and security. Besides resisting known quantum attacks, it retains the security properties of the original protocol.
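The classical exchange the abstract builds on, as an added worked example (not code from the paper, whose LWE construction this page does not detail): one SRP-6a run in Python with both the client and the server side, the verifier-only storage the abstract describes, and the offline dictionary search that a stolen verifier still permits. The group is a toy 64-bit safe prime constructed at import time (not a secure parameter; RFC 5054's groups start at 1024 bits and 2048 or more is what one would deploy), SHA-256 stands in for RFC 5054's SHA-1, and `register`, `run_exchange`, `offline_guess` and the `alice` credentials are names and sample data chosen here.

```python
import hashlib
import secrets

_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)   # deterministic MR bases for n < 2**64

def _is_prime(n: int) -> bool:                           # Miller-Rabin after trial division
    if n < 2 or any(n % p == 0 for p in _BASES):
        return n in _BASES
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _safe_prime(bits: int) -> int:                       # smallest N >= 2**(bits-1) with N, (N-1)/2 prime
    n = (1 << (bits - 1)) | 1
    while not (_is_prime((n - 1) // 2) and _is_prime(n)):
        n += 2
    return n

# Toy group constructed at import: a 64-bit safe prime N and a generator g of Z_N^*.
# Real deployments use the 2048-bit or larger groups of RFC 5054; 64 bits is for speed only.
N = _safe_prime(64)
N_BYTES = (N.bit_length() + 7) // 8
g = next(c for c in range(2, N) if pow(c, 2, N) != 1 and pow(c, (N - 1) // 2, N) != 1)

def _pad(x: int) -> bytes: return x.to_bytes(N_BYTES, "big")
def H(*parts: bytes) -> bytes: return hashlib.sha256(b"".join(parts)).digest()
def Hi(*parts: bytes) -> int: return int.from_bytes(H(*parts), "big")
k = Hi(_pad(N), _pad(g))                                          # SRP-6a multiplier
_HNG = bytes(a ^ b for a, b in zip(H(_pad(N)), H(_pad(g))))      # H(N) xor H(g), used in M1

def _x(username: str, password: str, salt: bytes) -> int:        # password-derived secret; client only
    return Hi(salt, H(f"{username}:{password}".encode()))

def register(username: str, password: str, salt: bytes = b"") -> tuple:
    salt = salt or secrets.token_bytes(16)
    return salt, pow(g, _x(username, password, salt), N)         # server stores (salt, v) only

class SRPClient:
    def __init__(self, username: str, password: str):
        self.I, self.P = username, password
        self.a = secrets.randbelow(N - 2) + 1
        self.A = pow(g, self.a, N)                               # message 1: I, A

    def challenge(self, salt: bytes, B: int) -> bytes:
        if B % N == 0:
            raise ValueError("invalid B")                        # RFC 5054 abort rule
        u = Hi(_pad(self.A), _pad(B))
        x = _x(self.I, self.P, salt)
        S = pow((B - k * pow(g, x, N)) % N, self.a + u * x, N)   # = g^(b(a + ux))
        self.K = H(_pad(S))
        self.M1 = H(_HNG, H(self.I.encode()), salt, _pad(self.A), _pad(B), self.K)
        return self.M1                                           # message 3: M1

    def verify_server(self, M2: bytes) -> bool:
        return secrets.compare_digest(M2, H(_pad(self.A), self.M1, self.K))

class SRPServer:
    def __init__(self, username: str, salt: bytes, v: int):
        self.I, self.salt, self.v = username, salt, v
        self.b = secrets.randbelow(N - 2) + 1
        self.B = (k * v + pow(g, self.b, N)) % N

    def challenge(self, A: int) -> tuple:
        if A % N == 0:
            raise ValueError("invalid A")                        # RFC 5054 abort rule
        self.A = A
        u = Hi(_pad(A), _pad(self.B))
        S = pow(A * pow(self.v, u, N) % N, self.b, N)            # = g^(b(a + ux)) via v = g^x
        self.K = H(_pad(S))
        self.M1 = H(_HNG, H(self.I.encode()), self.salt, _pad(A), _pad(self.B), self.K)
        return self.salt, self.B                                 # message 2: s, B

    def verify_client(self, M1: bytes):
        if not secrets.compare_digest(M1, self.M1):
            return None                                          # wrong password: no M2, no key
        return H(_pad(self.A), M1, self.K)                       # message 4: M2

def run_exchange(username: str, password: str, salt: bytes, v: int) -> tuple:
    """Full run; returns (server accepted client, client accepted server, session keys equal)."""
    client, server = SRPClient(username, password), SRPServer(username, salt, v)
    M2 = server.verify_client(client.challenge(*server.challenge(client.A)))
    ok = M2 is not None
    return ok, ok and client.verify_server(M2), ok and client.K == server.K

def offline_guess(username: str, salt: bytes, v: int, candidates):
    """What a stolen (salt, v) buys: an offline dictionary search, the abstract's brute force."""
    return next((p for p in candidates if pow(g, _x(username, p, salt), N) == v), None)
```

After `s, v = register("alice", "correct horse")`, `run_exchange("alice", "correct horse", s, v)` returns `(True, True, True)`, while a wrong password gives `(False, False, False)`: the server withholds M2, so a failed client learns nothing beyond the failure. `offline_guess` is the point the abstract makes about server compromise: whoever holds (salt, v) can test candidate passwords at leisure, so the verifier still needs protecting and the password still needs entropy; the LWE variant aims to keep exactly these properties while removing the dependence on the DLP.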
Related papers
- Reverse Online Guessing Attacks on PAKE Protocols [0.43748379918040853]
We show that password-authenticated key exchange protocols are vulnerable to reverse online guessing attacks. Reverse guessing poses a unique risk because the burden of detection is shifted to the clients. Our analysis suggests that stakeholders should, by default, authenticate the server using more stringent measures than just the user's password.
arXiv Detail & Related papers (2026-02-09T18:40:53Z) - "MCP Does Not Stand for Misuse Cryptography Protocol": Uncovering Cryptographic Misuse in Model Context Protocol at Scale [27.85822797774986]
The Model Context Protocol (MCP) is emerging as the interface for tool integration. MCP provides no guarantees of authenticity or confidentiality, forcing developers to implement cryptography themselves. We present YSCOPE, the first domain-specific framework for detecting cryptographic misuses in MCP implementations. Our study establishes the first ecosystem-wide view of cryptographic misuse in MCP and provides both tools and insights to strengthen the security foundations of this rapidly growing protocol.
arXiv Detail & Related papers (2025-12-03T13:25:59Z) - Which LLM Multi-Agent Protocol to Choose? [30.16052895726503]
We introduce ProtocolBench, a benchmark that compares agent protocols along four measurable axes: task success, end-to-end latency, message or byte overhead, and behavior under failures. On ProtocolBench, protocol choice significantly influences system behavior. A learnable protocol router selects per-scenario protocols from requirement and runtime signals.
arXiv Detail & Related papers (2025-10-20T04:53:19Z) - Secure and Efficient Quantum Signature Scheme Based on the Controlled Unitary Operations Encryption [5.662132994900804]
We present an efficient arbitrated quantum signature protocol to encrypt quantum message ensembles. In contrast to existing protocols, our approach successfully prevents disavowal and forgery attacks.
arXiv Detail & Related papers (2025-07-14T12:56:09Z) - Integration of quantum random number generators with post-quantum cryptography algorithms [36.136619420474766]
Post-Quantum Cryptography (PQC) has become a potential solution to prolong the life of existing Public Key Infrastructure (PKI) systems. PQC protocols depend on high-quality randomness for key generation and encapsulation procedures. We demonstrate a proof-of-concept enabling the incorporation of Quantum Random Number Generation (QRNG) devices within communication networks using PQC-based Transport Layer Security (TLS).
arXiv Detail & Related papers (2025-07-01T10:56:39Z) - Authenticated Sublinear Quantum Private Information Retrieval [12.91566002502802]
This paper introduces a novel lower bound on communication complexity using quantum relative entropy and mutual information.
By leveraging Uhlmann's lemma and quantum Pinsker inequalities, the authors establish tighter bounds for information-theoretic security.
arXiv Detail & Related papers (2025-04-05T03:30:04Z) - Secure Multi-Party Biometric Verification using QKD assisted Quantum Oblivious Transfer [34.46964288961048]
We present a practical implementation of a secure multiparty computation application enabled by quantum oblivious transfer (QOT). The QOT protocol uses polarization-encoded entangled states to share oblivious keys between two parties, with quantum key distribution (QKD) providing authentication. A practical use case is demonstrated for privacy-preserving fingerprint matching against no-fly lists from Interpol and the United Nations.
arXiv Detail & Related papers (2025-01-09T15:51:30Z) - Single-Round Proofs of Quantumness from Knowledge Assumptions [41.94295877935867]
A proof of quantumness is an efficiently verifiable interactive test that an efficient quantum computer can pass.
Existing single-round protocols require large quantum circuits, whereas multi-round ones use smaller circuits but require experimentally challenging mid-circuit measurements.
We construct efficient single-round proofs of quantumness based on existing knowledge assumptions.
arXiv Detail & Related papers (2024-05-24T17:33:10Z) - Practical quantum secure direct communication with squeezed states [55.41644538483948]
We report the first table-top experimental demonstration of a CV-QSDC system and assess its security.
This realization paves the way toward future threat-less quantum metropolitan networks, compatible with coexisting advanced wavelength division multiplexing (WDM) systems.
arXiv Detail & Related papers (2023-06-25T19:23:42Z) - Data post-processing for the one-way heterodyne protocol under composable finite-size security [62.997667081978825]
We study the performance of a practical continuous-variable (CV) quantum key distribution protocol.
We focus on the Gaussian-modulated coherent-state protocol with heterodyne detection in a high signal-to-noise ratio regime.
This allows us to study the performance for practical implementations of the protocol and optimize the parameters connected to the steps above.
arXiv Detail & Related papers (2022-05-20T12:37:09Z) - Automated Attack Synthesis by Extracting Finite State Machines from Protocol Specification Documents [25.871916915930996]
Unlike off-the-shelf NLP tools, we suggest a data-driven approach for extracting finite state machines (FSMs) from RFC documents.
We show the generalizability of our FSM extraction by using RFCs for six different protocols: BGPv4, DCCP, SCTP and TCP.
arXiv Detail & Related papers (2022-02-18T23:27:29Z) - Authenticated Multiparty Quantum Key Agreement for Optical-Ring Quantum Communication Networks [7.753213765615376]
In key agreement protocols, an attacker can impersonate a legitimate user to participate in the negotiation process and easily eavesdrop on the agreed key.
This is often overlooked in most quantum key agreement protocols, which makes them insecure in practical implementations.
Considering this problem, user identity authentication is added to the proposed protocol.
arXiv Detail & Related papers (2021-12-15T07:16:09Z) - A short review on quantum identity authentication protocols: How would Bob know that he is talking with Alice? [0.0]
Successful implementation of a scheme of quantum key distribution (QKD) requires identity authentication as a prerequisite.
Several schemes for identity authentication, using quantum resources have been proposed.
The security of such protocols is also critically analyzed.
arXiv Detail & Related papers (2021-12-08T11:22:29Z) - Round-robin differential phase-time-shifting protocol for quantum key distribution: theory and experiment [58.03659958248968]
Quantum key distribution (QKD) allows the establishment of common cryptographic keys among distant parties.
Recently, a QKD protocol that circumvents the need for monitoring signal disturbance, has been proposed and demonstrated in initial experiments.
We derive the security proofs of the round-robin differential phase-time-shifting protocol in the collective attack scenario.
Our results show that the RRDPTS protocol can achieve higher secret key rate in comparison with the RRDPS, in the condition of high quantum bit error rate.
arXiv Detail & Related papers (2021-03-15T15:20:09Z) - Quantum Secure Direct Communication with Mutual Authentication using a Single Basis [2.9542356825059715]
We propose a new theoretical scheme for quantum secure direct communication (QSDC) with user authentication.
The present protocol uses only one orthogonal basis of single-qubit states to encode the secret message.
We discuss the security of the proposed protocol against some common attacks and show that no eavesdropper can get any information from the quantum and classical channels.
arXiv Detail & Related papers (2021-01-10T16:32:42Z) - Security Limitations of Classical-Client Delegated Quantum Computing [54.28005879611532]
A client remotely prepares a quantum state using a classical channel.
The privacy loss incurred by employing $RSP_{CC}$ as a sub-module is unclear.
We show that a specific $RSP_{CC}$ protocol can replace the quantum channel at least in some contexts.
arXiv Detail & Related papers (2020-07-03T13:15:13Z) - Client-Server Identification Protocols with Quantum PUF [1.4174475093445233]
We propose two identification protocols based on the emerging hardware secure solutions, the quantum Physical Unclonable Functions (qPUFs).
The first protocol allows a low-resource party to prove its identity to a high-resource party and in the second protocol, it is vice-versa.
Unlike existing identification protocols based on Quantum Read-out PUFs which rely on the security against a specific family of attacks, our protocols provide provable exponential security against any Quantum Polynomial-Time adversary with resource-efficient parties.
arXiv Detail & Related papers (2020-06-08T12:35:09Z) - Twin-field quantum digital signatures [4.503555294002338]
Digital signature is a key technique in information security, especially for identity authentications.
Quantum digital signatures (QDSs) provide a considerably higher level of security, i.e., information-theoretic security.
arXiv Detail & Related papers (2020-03-25T08:04:59Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of its content (including all information) and is not responsible for any consequences.