Loading [MathJax]/extensions/TeX/ietmacros.js
Further Analysis and Improvements of a Lattice-Based Anonymous PAKE Scheme | IEEE Journals & Magazine | IEEE Xplore
Scheduled Maintenance: On Monday, 27 January, the IEEE Xplore Author Profile management portal will undergo scheduled maintenance from 9:00-11:00 AM ET (1400-1600 UTC). During this time, access to the portal will be unavailable. We apologize for any inconvenience.

Further Analysis and Improvements of a Lattice-Based Anonymous PAKE Scheme


Abstract:

To improve the security of mobile networks in the postquantum era, Dabra et al. recently proposed a lattice-based anonymous password-authenticated key exchange (LBA-PAKE)...Show More

Abstract:

To improve the security of mobile networks in the postquantum era, Dabra et al. recently proposed a lattice-based anonymous password-authenticated key exchange (LBA-PAKE) protocol for mobile devices. Especially, LBA-PAKE is claimed to support the key reuse. However, we find that LBA-PAKE is still vulnerable to the signal leakage attack when the master key is reused. We propose two strategies to reduce the needed number of queries in our attack. Compared to the method of Bindel et al., our method reduces the required queries by more than 75%. Our experiments show that breaking LBA-PAKE needs less than 2 min. Through analysis of why LBA-PAKE fails in their security proof, we further propose an improved protocol without incurring extra computation costs. The formal security analysis shows that our improved scheme supports all features of LBA-PAKE while thwarting the signal leakage attack. Moreover, the implementation of our improved protocol demonstrates its efficiency in mobile networks.
Published in: IEEE Systems Journal ( Volume: 16, Issue: 3, September 2022)
Page(s): 5035 - 5043
Date of Publication: 21 April 2022

ISSN Information:

Funding Agency:


References

References is not available for this document.